Breaking down data and departmental silos has a financial upside. Most network and security teams report close collaboration. The report authors looked at the connection between collaboration and the cost of the worst data breaches. Companies that had very or extremely strong collaboration between security and networking teams or endpoint management and networking teams showed significantly lower breach costs that were less than $500,000.
Implement Zero Trust to tighten cybersecurity
Threats from mobile devices are now the biggest security threat with more than half of the respondents said mobile devices are now very or extremely challenging to defend. Last year user behavior was the biggest challenge.
Some IT companies recommend a Zero Trust Framework to improve mobile security. This approach authenticates users, checks devices, and limits where a user can go. To develop a zero trust security model, companies should take these steps:
- Establish a clear identity and access management strategy that includes multi-factor authentication (MFA)
- Create an up-to-date asset inventory that distinguishes between managed and unmanaged devices
- Create a trusted device policy that prompts users to update their devices against measured vulnerabilities
- Control user access through a centrally managed policy that identifies and acts upon exceptions
- Build an architecture and set of processes that enables users to access on-premise and cloud applications
Secure your data with two-factor authentication
The survey found that only 27% of organizations are using MFA. The industries with the highest adoption rates are software development, financial services, government, retail, manufacturing, and telecommunications.
Test your response plan to prepare for cyberattack
The survey identified nine best practices that could keep the costs of a breach under $500,000 or even less than $100,000. These tasks include:
- Review and improve security practices regularly, formally, and strategically over time
- Regularly review connection activity on the network to ensure that security measures are working as intended
- Integrate security into the organization’s goals and business capabilities
- Routinely and systematically investigate security incidents
- Put tools in place to provide feedback about security practices
- Increase security controls on high-value assets as necessary
- Integrate security technologies
- Keep threat detection and blocking capabilities up to date
- Make it easy to determine the scope of a compromise, contain it, and remediate
The survey found that there is a tangible ROI in implementing a baseline patch policy. Forty-six percent of respondents were more concerned about unpatched vulnerabilities in this year’s survey, compared with 30% last year. Breaches caused by unpatched vulnerabilities resulted in more data loss as well. Thirty-eight percent of organizations that lost data this way said the impact was 10,000 data records or more. Among companies who hadn’t suffered a breach from an unpatched vulnerability, only 27% lost 10,000 or more records.