Sooner or later, your organisation will suffer a data security breach. This may sound like the opinion of a fatalist. However, CIOs and CSOs increasingly accept that such a breach is inevitable.
A data security breach is like catching a cold. If you’re fit and well otherwise, a cold can be a minor annoyance that soon finishes. On the other hand, if you’re unfit or unwell, you might come down with pneumonia, bronchitis, or a similar serious and debilitating illness.
The parallel to be made for enterprises and organisations is in their quality of business continuity management. A recent report shows how BCM saves time and money to help keep a data breach more at the level of a sneeze than a stay in hospital intensive care.
“2015 Cost of Data Breach Study: Global Analysis” was a report prepared by the Ponemon Institute, sponsored by IBM. Among other things, the report stated that the cost per compromised record (on average overall, $154 per record over the preceding 12 months) could be reduced by $7.10 when BCM was involved.
By comparison, when boards of directors take a more active role (also a positive factor), cost of a data breach was reduced by $5.50 per record, while with insurance protection, cost was reduced by $4.40 per record.
The report also presented statistics on the time needed to spot and contain a data breach, and the associated financial consequences. For example, an average of 256 days was needed to identify malicious attacks, compared to an average of 158 days for breaches due to human error.
Reducing the time in each case would lower the costs to the organisation suffering the data breach. The report found that the days to identify and days to contain such an incident were substantially lower for organizations involving BCM.
Taking overall averages, BCM involvement reduced MTTI (mean time to identify) from 234 to 178 days, and reduced MTTC (mean time to contain) from 83 to 55 days. In summary, these are yet further ways that business continuity management can save an organisation money.