According to IBM’s 2022 “Cost of a Data Breach Report”, aside from legal fees the average cost of a breach is approximately $4.5 million dollars globally and nearly $10 million dollars in the United States.
The IBM report states that 90% of all breaches occur due to human error. Out of that, most are associated with social engineering security attacks, including the following preventable attacks:
Although these types of attacks are nearly 100% preventable, most companies do not have the right incident response policies in place to prevent these attacks in the first place.
This is because most companies do not employ an Incident Response Team (IRT) to address security attacks, both online and physical onsite attacks.
As a result of not having good policies managed by a capable IRT, most companies remain vulnerable to many attack vectors, including those associated with nation-state attackers/hackers from adversarial countries or even bad actors from business competitors or criminal organizations.
Social engineering attacks are nearly 100% launched for monetary purposes. However, some attacks centered on critical infrastructure are centered on causing chaos, destruction, and physical harm, including death.
Whatever the reason for an attack, all organizations, businesses, major corporations, and government entities need to adopt strong social engineering security attack policies managed by a competent IRT who is familiar with the network from the enterprise to the edge.
An incident response team does not have to be made up of new personnel adding cost to your bottom line. In fact, most IRTs include existing employees and contractors such as:
A good IRT includes any key personnel that touches the network, including critical infrastructure, at the local to enterprise levels, as well as end points/at the edge.
There are some costs associated with organizing and maintaining a good IRT, but it could be worse. The price of a single network and/or security breach can cost more than $10 million dollars when physical damage is done to a network, including critical infrastructure, or if financial or physical harm occurs as a result of the breach.
In part 2 of this article series, we will look at attack vectors and best practices, which consists of polices centered on proactive and reactive measures in dealing with localized to enterprise security events and/or attacks.
Rex M. Lee is a Privacy and Cybersecurity Advisor, Tech Journalist and a Senior Tech/Telecom Industry Analyst for BlackOps Partners, Washington, DC. Find more information at CyberTalkTV.com