Keine Angst vor Blitzeinschlägen – Cyberattacken sind viel häufiger

Es ist schon fast zur Binse geworden: Es ist nicht mehr die Frage, ob eine Cyberattacke stattfindet, sondern die Frage lautet inzwischen wann.

SecurityIntelligence zieht einen interessanten Vergleich von Cyberattacken mit einer Naturgewalt:

Think about it this way: The chances of being struck by lightning this year are 1 in 960,000. When it comes to experiencing a data breach, according to the Ponemon Institute’s “2017 Cost of Data Breach Study: Global Overview,” the odds are as high as 1 in 4. Therefore, organizations must understand the probability of being attacked, how it affects them and, even more importantly, which factors can reduce or increase the impact and cost of a data breach.

Diese Zahlen machen das Ausmaß von Cyberattacken klar. Unvermeidlich wie eine Naturkatastrophe sind sie jedoch nicht, wenn IT-Abteilungen und Unternehmen im Zweifelsfall mit schnellen Prozessen reagieren.

Die  “Cost of Data Breach Studie”, von IBM unterstützt und unabhängig vom Ponemon Institut durchgeführt, kommt laut SecurityIntelligencezu folgenden Ergebnissen:

The findings revealed that the average total cost of a data breach is $3.62 million in 2017, a decrease of 10 percent over last year. Additionally, the global average cost per record for this year’s report is $141, which represents a decrease of 11.4 percent over last year.

Despite the reduction in cost, the average size of a data breach increased by 1.8 percent to 24,089 records. The influencers that impact the cost of a data breach are driven by the country and the IT initiatives underway.

Die Studie hält auch gute Nachrichten parat. – weil die „Katastrophe“ eben nicht unausweichlich ist: Eine erfolgsversprechende Lösung ist etwa die Installierung eines internen oder auch externem „Incident Response Team“. Durch ein solches Team werden die Reaktionszeiten auf eine Cyberattacke schneller, was dann die Kosten minimiert.

SecurityIntelligence gibt auch weitere konkrete Tipps, wie die Reaktionszeit erhöht werden kann:

1.Speed to respond is critical. The more quickly you can identify what’s happened, what the attacker has access to, and how to contain and remove that access, the more successful you will be.

2. Set up retainers in advance. In the event of a breach, an experienced team of incident response experts can help you quickly identify and contain the attack, and minimize costly delays.

3. Access the data needed to answer investigative questions. Be prepared to provide responders with logs and tools to help them understand what happened. For example, what did the attackers access and what did they copy or remove from your environment?

4. Mitigate the attacker’s access quickly. Plan with the IT staff in advance to understand how to be effective and efficient in a crisis. Consider the following: How to execute an enterprisewide password reset quickly; How to reset your service accounts; and How many of your service accounts have domain administrator credentials.

5. Establish an internal communications plan. If you have to shut down parts of your environment or reset thousands of users’ passwords, your employees will have a lot of questions. This speculation can have critical ramifications, so it’s important to document a plan to ensure that your employees understand what they can and cannot share publicly.

Hier können Sie die „Cost of Data Breach Studie” herunterladen.

Kommentar verfassen