The financial ramifications associated with data breaches have never been more severe amid sharp rises in the volume and velocity of data-targeting cyberattacks. IBM’s 2022 Cost of a Data Breach Report, conducted in conjunction with the Ponemon Institute, studied more than 500 global organizations across 17 industries impacted by data breaches over the past year. Its findings portray the heightened risk that data breaches can pose to a company’s financial stability. According to the report:
The average total cost of a data breach reached a record-high $4.35 million in 2022, representing a 13% increase from 2020. At $9.44 million, the U.S. had the highest average of any country.
The average data breach cost for organizations with high levels of compliance failures was $5.57 million.
83% of organizations fell victim to more than one data breach, and 60% of data breaches led to rising prices for customers.
The average duration of identifying and containing a data breach was 277 days.
Given the volatile state of the global economy and a potential U.S. economic recession on the horizon, security leaders, in turn, should be accelerating efforts to safeguard their unstructured data assets from malicious threat actors. Failing to actively defend data where it’s stored can make or break a bottom line. In today’s market environment, organizations simply can’t afford it.
The Challenge: Complexity
The complexity of defending unstructured data from ransomware is a key obstacle hampering organizational security postures worldwide. It requires the right combination of user and entity behavior analysis (UEBA) and security orchestration automation and response (SOAR) capabilities designed, engineered and integrated to detect and stop data threats.
In addition to lacking both UEBA and SOAR, most legacy cybersecurity technologies, spanning from traditional endpoint solutions to network-attached storage (NAS) systems, fail to provide the operational agility and real-time visibility needed for active defense. Most were constructed to keep network perimeters safe through perimeter-based protections that essentially “lock all the windows and doors” with a singular focus on network-centric tools, endpoint security and device authentication.
However, in response to the escalating prevalence of insider threats over the last several years, I&O security leaders have started to pivot from legacy technologies in favor of non-traditional approaches that further align with the evolving threat landscape – such as adjusting user password schemes, tightening admin rights, rethinking zero trust and enhancing application connectivity. That is because what threat actors really want isn’t located on your network perimeter. In fact, it’s actually the opposite.
Whether it’s rooted in monetary gain (ransomware), intrinsic value (data theft) or geopolitical pressure (state-sponsored attacks), attackers covet the unstructured data assets sitting at the core of an organization’s file shares. And they’ll do whatever it takes to steal, encrypt or destroy them by continuously evolving their tactics, techniques and procedures. In turn, more enterprises must deploy more innovative and scalable technologies that provide a unified layer of security defense around the data itself rather than from the perimeter.
The Answer: Cyberstorage
For alleviating the complexities of active defense, there’s no better place to start than with cyberstorage solutions. In the July 2022 Hype Cycle for Storage and Data Protection Technologies, Gartner listed cyberstorage as an emerging technology across the cybersecurity landscape, concluding it “protects storage system data against ransomware attacks through the early detection and blocking of attacks, and aids in recovery through analytics to pinpoint when an attack started.” The report also found that “by 2025, 60% of all enterprises will require storage products to have integrated ransomware defense mechanisms” – a clear indicator of the rising need for cyberstorage adoption.
Rather than relying on traditional network-based zero-trust principles, cyberstorage solutions operate within a data-centric zero-trust model that blends artificial intelligence (AI)-powered active defense controls with advanced compliance and monitoring functionality so organizations can effectively detect, mitigate, and recover from data-based attacks in real time. It enhances an organization’s data maturity lifecycle by addressing the fundamental challenges of its data protection, data storage and data compliance processes through a holistic, three-tiered approach:
- Data Protection: Safeguarding primary and secondary data files from loss, theft, compromise and corruption while offering the ability to immediately restore data in the wake of an attack.
- Data Storage: Creating the architecture to safely store data on-premise or in the cloud and ensuring data is accurate, complete and of high quality when made accessible to users.
- Data Compliance: Alleviating critical vulnerabilities by ensuring all systems and users consistently maintain data security policies that are compliant with federal, state and industry regulations.
By combining agile storage operationality with active security protections that continually monitor user behavior, cyberstorage products can automate the identification of when a “good actor” becomes a “bad actor” and then actively stop them from executing their attack. They also help reduce compliance failure – a common denominator from the IBM report – by streamlining the compliance process with automated reporting and logging that eliminates manual, error-prone functions from the equation.
With accelerating cyber threats showing no signs of slowing down, the cost of data breaches will only continue to rise in the years to come. Now is the time to act. By taking proactive steps to adopt cyberstorage solutions and integrate active defense within their existing security architectures, organizations will be far more equipped to effectively protect their data and reduce financial losses.
GARTNER and HYPE CYCLE are registered trademarks and service marks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and are used herein with permission. All rights reserved.