November 9, 2018
Preventing a Breach Will Secure and Protect Its Value
In the age of digital technology, the biggest asset any company has is its data. But despite hearing that fact repeated over and over, organizations often haven’t a clue what their data is worth. That’s no surprise, considering how difficult it is to measure the value of enterprise data without generally accepted accounting principles.
However, knowing the value of your data is extremely important for determining your cybersecurity measures. Insurance policy estimates also rely on value, so operating in a vacuum where we know only that data is “valuable” can be problematic. How can you calculate how much your company’s data is worth?
Finding the True Value of Your Data
There are actually several ways to determine the value of your data in practical terms. For example, you can estimate the costs of replacing all the data that you have; you could try measuring how much data contributes to your organization’s revenue; or you could figure the income made by selling or renting your data if you were to turn it into Data-as-a-Service. However, calculating data value in these ways can be complex if your organization lacks deep analytic capabilities.
Figuring Data Value by the Costs of a Breach
One valid and intelligent way to measure the worth of data is by examining the costs of a data breach. According to the Ponemon 2018 Cost of a Data Breach report, the average loss to the company caused by an attack is $148 per compromised record.
That means for breaches in which more than 50,000 records are compromised, damages could reach $6.9 million. Even that is nowhere near the scale of a truly massive, headline-grabbing breach: one million compromised records could cost a company up to $39 million!
Securing Data and Its Value to the Company
The root cause of all this high risk and potentially massive damage is the phishing attack. When you place a quantifiable value on the data that your organization collects and processes, it’s easy to see why cybersecurity must become a top priority.
Once a phishing attack succeeds in installing malware on your system, your data is threatened by ransomware, theft of vital banking information and corporate credentials, and other crimes.
This is why Gartner names anti-phishing defense as essential to an overall protection architecture.
Data breaches are common occurrences, especially when hackers target humans as the weakest link in any cybersecurity system. Gartner notes Verizon’s statistic that phishing and pretexting encompass 98 percent of social incidents and 93 percent of breaches.
Through a phishing attack, a criminal needs for you to make only one miscalculation and click on a malicious link to enable breach of your organization and considerable financial damage. Because of this vulnerability, anti-phishing protection that preempts attacks before they become a threat should be the first course of action and best practice for protecting your organization—far more reliable than trying to train employees.
Area 1 Security offers the technology-based anti-phishing protection that Gartner recommends as a necessary element of an overall security infrastructure. A dedicated anti-phishing strategy can detect threats in advance and disable them before they reach the inbox. Don’t let a data breach force you to put a costly price tag on your organization’s data—protect that data from phishing and retain its value intact.
Article by Kim Del Fierro, VP of Marketing for Area 1 Security.