Study finds CISO appointment, business continuity shrinks breach costs
Having business continuity staff involved in remediation reduced costs by $13 per compromised record, the report said.
By appointing a CISO, breached organizations stand to fare better in their response efforts, lessening their costs by $10 per compromised record, an annual study found.
On Monday, the “2014 Cost of Data Breach Study: United States” was released, offering insight into management efforts that can improve incident response at companies. The ninth annual study, sponsored by IBM and conducted by the Ponemon Institute, polled 61 U.S. companies across 16 industries after those firms experienced “the loss or theft of protected personal data and then had to notify breach victims as required by various laws,” the report said.
The study found that the average number of breached records per organization was around 29,000 last year. Additionally, the average cost of each lost or stolen record increased from $188 to $201 between 2012 and 2013.
The report also noted that the appointment of a CISO, and even the involvement of business continuity management (BCM) in the response process, noticeably shrank the per-record cost of breaches. For instance, having business continuity staff involved in remediation reduced costs by $13 per compromised record (as opposed to the $10 per record saved by appointing a CISO), the report said.
Though BCM and the presence of a CISO influenced costs, foundational steps, such as having an incident response plan and a strong security posture in place before an incident, had the greatest effect.
A strong security posture reduced the average cost of a data breach by $21 per compromised record, while having an incident response plan in place shrank costs by $17 per record, the report found.
On Monday, Larry Ponemon, chairman and founder of the Ponemon Institute, told SCMagazine.com that, for the first time, the annual study highlighted how having BCM staff more involved in breach incidents improved response efforts.
“We are seeing that large, successful companies with mature security programs are normally getting their BCM people involved in the data breach process,” Ponemon said.
Business continuity staff, who focus on keeping business operations running in the face of disruptions, including natural disasters, can provide needed help with breach response, he explained.
“The smart people are saying, get these people addressing cyber risks or cyber security,” Ponemon said. “We've seen more successful companies integrating BCM with security.”