For those who think cybersecurity is a cost center, imagine the price of living without it. While ransomware dominates the headlines, the real money drain is a good old-fashioned data breach.

How much are we talking about? Loads. According to the 2021 IBM Cost of a Data Breach Report, even one stolen record of user personal identifiable information (PII) costs the big bucks. “Customer PII was also the costliest record type, at $180 per lost or stolen record. The overall average cost per record in the 2021 study was $161, an increase from $146 per lost or stolen record in the 2020 report year,” IBM found.

Additionally, the report found that costs rose 10% from the previous year, representing the biggest increase in the last seven years. PII was not only the most expensive, but was the most commonly breached, accounting for 44% of all stolen records. These records are often found in files, and sensitive files can contain hundreds or thousands of records. One misdirected or stolen email attachment alone can cost an arm and a leg.

1. Just say no to email attachments

Email breaches are raging like a California wildfire. In fact, 93% of 538 IT leaders surveyed in a report from Egress were breached in the previous year thanks to email issues. Meanwhile, 70% of these IT professionals say remote work boosts the risk of email hacks.

Having these messages breached could lead to compliance trouble and more. Recent data breaches have led to lawsuits and reputational damage suffered by targeted companies.

2. Be wary of employees: Past and present 

Organizational files are commonly put at risk by employees. Insider threats — whether malicious or accidental — can represent significant sources of loss and data breach incidents to an organization.

Employees can pose an unintentional or malicious risk to the organization. Depending on their level of cybersecurity knowledge, they could accidentally become susceptible to a phishing campaign or purposefully introduce malware into the organizational network.

3. Protect files: That’s where the data is 

Sensitive organizational data is often stored in Word documents. “Once data is exported from these systems — sometimes for valid business uses, such as [user] segmentation or powering a marketing campaign — it’s easy to lose control over the data,” noted a recent report. “Sending sensitive data in email messages or as attachments results in a broader attack surface for sensitive data, thus increasing the threat landscape if an email account or cloud storage account is compromised.”

4. Be wary of shadow IT 

File-sharing apps are great, especially for simple sharing of non-sensitive files. However, these programs can open enterprises up to cyberattacks by exposing sensitive data.

The problem is these unauthorized apps are breach and compliance fines waiting to happen. An example of how a data breach can occur with shadow IT services involves blocking the prevention of a recently let-go employee's ability to connect to their employer’s network. By storing the ex-colleague's credentials in an anonymous system, it enables the employee to log on at any time and access current company data.

5. How zero trust lowers breach costs

Zero trust security is helpful in blocking breaches and mitigating the impact of any breakthroughs. While zero trust security appears to be ideal for most organizations, unfortunately, too few adopt it. Results from the IBM study showed that just 35% of organizations had implemented a zero trust security approach.

6. Encrypt, encrypt and encrypt some more! 

The number one best practice is encryption. It has been proven to be incredibly helpful in both business and federal sectors due to its effectiveness. Using encryption to protect enterprise data can help provide another layer of protection even if the network is breached.