AN EXCLUSIVE FOR MALAYA BUSINESS INSIGHT
By Dr. Renne Barcelona
Country Security Services Delivery Leader,
IBM Philippines
With cyberattacks continuing to grow in the Philippines, data breaches have become a significant concern for all organizations, especially in the financial, banking and manufacturing industries.
Based on the in-depth analysis of real-world data breaches experienced by over 500 organizations including those in ASEAN and in the Philippines, in 2021, data breaches cost surveyed companies $4.24M per incident on average — the highest cost in the 17-year history of the report.
Higher data breach costs are yet another added expense for businesses in the wake of rapid technology shifts during the pandemic, with increased remote working and digital transformation as key factors.
While data breach costs reached a record high over the past year, the report also showed positive signs about the impact of modern security tactics, such as AI and automation, as levers that will help pull in the fight against cyberattacks and reduce the cost of these incidents.
Saving time and costs on data breaches
The report shows that the data breach cost of organizations which adapted AI and automation is on average cost of over $3 million less compared to businesses which do not have AI and Automation in place.
For organizations with fully-deployed security automation and AI, it took an average lifecycle of 247 days to identify and contain the data breach. Moreover, for organizations with no security AI/automation deployed, it took an average of 239 days to identify a data breach and an average of 85 days to contain it, with a total lifecycle of 324 days from identification to containment. The longer it takes for an organization to contain the data breach, the bigger the loss of revenue is.
To put the difference of 77 days into perspective, a breach occurring on January 1 for fully deployed organizations would on average take until September 4 to identify and fully contain the breach. In contrast, for organizations with no security automation deployed, a breach would take on until November 20 to identify and contain.
AI and security automation
Security automation are tools that augment human workforce in the detection and containment of cyberattacks and intrusion attempts. This includes solutions that depend on artificial intelligence, machine learning, security analytics and automated security orchestration.
AI has been proven to be beneficial to increase business efficiency, enhanced accuracy & precision, has no downtime and has a smart decision-making process. Security automation tools and AI can help teams uncover security risks and threat vectors, while advanced analytics can help automate threat hunting, response and remediation. This includes sequenced-based analytics, outlier-detection analytics, risk-spotting algorithms and threat-detection analytics.
A zero trust model for cybersecurity also relies on AI and analytics to constantly validate connections between users, data and resources, based on the assumption that user IDs and network traffic may already be compromised. It is rapidly becoming the model of choice for most organizations nowadays as it will significantly reduce any potential business risks, data breach and increased visibility over the technology environment.
Today, many organizations across the globe have shifted into a remote work model, IBM Cloud Pak for Security can advance the zero trust strategy and help organizations protect their data, modernize and manage applications securely across any cloud environment.
Beyond data breaches
The healthcare and financial industries have additional regulatory compliance requirements around their data, AI can help bridge these gaps in order for organizations to comply with their regulators. As a result, most healthcare and financial industries have invested more resources in AI and security automation in recent years.
As cyberattacks grow in volume and complexity, applying security automation and AI will help most organizations to stay ahead of threats.
