Today, data breaches happen almost every day, affecting every industry, every company, and every person profoundly. A few days ago, IBM Security released the “2022 Cost of Data Breach Report” (hereinafter referred to as the report), which shows that the economic loss and impact of data breaches on enterprises and organizations has reached an unprecedented level caused an average loss of up to $4.35 million.
In the economic loss of 4.35 million US dollars, the most serious loss area is North America, and the medical industry has been the most serious loss industry for 12 consecutive years. It can be clearly seen from this trend that industries such as medical care, bioscience, and energy are gradually becoming important targets of cyber attacks, which is also the direction that IBM needs to focus on strengthening globally.
The report shows that 45% of data breaches are cloud-based and originate from critical infrastructure organizations. Of these, nearly 80% of critical infrastructure organizations surveyed have not yet adopted a zero trust strategy, and these critical infrastructures’ An over-trusted network environment can actually create a very large security risk, as threat actors disrupt the interdependent global supply chain by attacking these critical infrastructure organizations, which involve financial services, industrial, transportation and medical and health care.
BM research found that businesses that choose to pay a ransomware ransom to a threat actor in the event of a data breach spend only $610,000 less on average than businesses that refuse to pay the ransom, but that doesn’t include the ransom itself . This shows that simply paying the ransom is not advisable. Meanwhile, the average cost of a data breach was $3.05 million lower for surveyed organizations that had fully deployed technologies focused on AI and automation than those that did not. This suggests that deploying technologies focused on AI and automation is the most cost-effective factor for companies to respond to data breaches. IBM believes that the top three factors contributing to the highest cost of data breaches are the complexity of security systems, cloud migration, and compliance failures.
Enterprises should adopt the correct strategies and technologies to actively deal with cyber-attacks and data leakage. The first is to implement a zero-trust strategy of strictly controlling privileged access, never trusting, always verifying, and assuming vulnerabilities. During this process, companies focus on detecting and continually patching vulnerabilities in their systems. At the same time, it is necessary to do active threat hunting and eliminate the attack outside the defense line. In addition, it is the application of MFA multi-factor authentication technology and artificial intelligence and analysis technology. The second is to strengthen drills and do a good job in event simulation. The third is to use an open architecture and an integrated security approach to reduce system complexity.
How to make a zero trust strategy better
From a technical point of view, zero trust is a framework that can be used to modernize the overall security program, and can deal with various risks in the continuously changing business environment. The design principles of IBM’s Zero Trust security strategy include: strictly control privileged access, never trust, always verify, and assume vulnerabilities. This design principle not only provides enterprises with a roadmap for compliance with security capabilities, but also guides how enterprises can integrate into a zero-trust architecture.
Report” shows that nearly 80% of the critical infrastructure organizations surveyed have not adopted a zero-trust security strategy. There are multiple reasons for this, starting with not realizing the value of applying a zero-trust architecture. “We see that many companies, facing the frequent occurrence of data leakage incidents, are weighing whether to adopt a zero-trust architecture or to what extent after adopting a zero-trust architecture.
For a long time, IBM has been conveying a philosophy to customers: Security is not just the job of IT staff, but the work of all employees working together across the enterprise. Therefore, IBM believes that in order to better penetrate the zero trust strategy into the overall security system of the enterprise, the enterprise needs to accept zero trust fundamentally and conceptually from top to bottom, and at the same time be strict in technology, process and regulatory system. Implementing a zero trust strategy, this awareness and the transformation of enterprise processes can make the zero trust strategy deeply rooted in the hearts of the people.
Taking the practice of a large agricultural and animal husbandry enterprise as an example, the enterprise has reached a consensus from enterprise leaders to the entire business team and IT team, and believes that the core of the security strategy is to continuously enhance the ability of active security defense. IBM provides core technology and support in this regard, helping enterprises build the QRadar intelligent analysis platform that integrates the IT domain and the OT domain.
