Cyber Audits Can Save Businesses $1.5m

Uploaded on 2018-08-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

According to a report sponsored by IBM Security, the average global cost of a data breach is now calculated to be $3.86 million. However, the same report also shows that companies that can find a security breach within 30 days of its occurrence can shave as much as $1 million from that average cost.

The research conducted by Ponemon Institute for IBM Security also found that organisations using auditing and logging tools that leverage artificial intelligence, machine learning, and other automated structures saved more than $1.5 million off the average cost of a data breach.

In other words, organisations protecting their information technology infrastructure with advanced systematic monitoring, logging, and auditing procedures cut the average cost of each security breach by more than a million dollars just by having a system in place. 

Since security breaches are inevitable in our current business environment, it is imperative that every organisation implement a strategic plan for auditing their networks.

Automated Auditing
Auditing and logging network traffic, Internet access, file transfers, user activity, permission changes, and myriad other day-to-day activities is the first line of defense in establishing integrity for mission-critical systems. However, creating a framework for monitoring and reviewing those events so that security-related incidents and other critical problems can be addressed and mitigated quickly is just as important.

New automated tools are being developed to help enterprises maintain a robust and responsive system auditing strategy. 
For example, PwdPwn, from Sydney developer Luke Millanta, can audit an Active Directory database with more than 5,000 passwords within 15-30 seconds. 

Performed manually, this basic security auditing procedure would typically take one full day or more to accomplish.
Whatever degree of automation your enterprise is using to audit and monitor its IT infrastructure, there should be a strategic plan of action in place that explains what is being logged, who is responsible for reviewing the reports, and how the organisation will respond to a security breach. 

Tech Pro Research offers an Auditing and logging policy that provides a framework for monitoring and reviewing events that could signal and announce serious problems.

In the current business environment, a security breach of your IT infrastructure is practically inevitable. Having a strategic plan to audit for that impending security breach and respond to it quickly and decisively could be the only thing that separates a successful enterprise from a failing one.

TechRepublic:     Image: Nick Youngson

You Might Also Read: 

Cyber Security is Now Business Critical (£):

Cybersecurity Due Diligence Is Critical:

 

 

« The Market For Cybercrime Tools Is Thriving
Facebook & Instagram Now Show How Long You Use Them »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Global Learning Systems (GLS)

Global Learning Systems (GLS)

Global Learning Systems provides security awareness and compliance training programs for employees that effectively promote behavior change and protect your organization.

Global EPIC

Global EPIC

Global EPIC is an international cybersecurity initiative designed to combat growing world challenges by facilitating global collaboration in the field of cyber security.

AngelList

AngelList

AngelList champion startups and the people who empower them. Search tech & startup jobs, find new tech products, and invest in startups.

Britive

Britive

The Britive Platform is a cloud-native security solution built for the most demanding cloud-forward enterprises.

HARMAN International

HARMAN International

HARMAN designs and engineers connected products and solutions for automakers, consumers, and enterprises worldwide.

Audea

Audea

Audea is a consultancy firm specialising in cybersecurity, risk and compliance. We provide professional services addressing all areas of Cybersecurity and GRC.

Grant Thornton

Grant Thornton

Grant Thornton is one of the world’s leading networks of independent assurance, tax and advisory firms.

Varen Technologies

Varen Technologies

Varen Technologies is an innovative consulting partner with highly respected cyber security, analytics, Agile Software Development and IT/maintenance expertise.

FPG Technologies & Solutions

FPG Technologies & Solutions

FPG Technology is a technology solutions provider and systems integrator, specializing in delivering IT Consulting, IT Security, Cloud, Mobility, Infrastructure solutions and services.

Novacoast

Novacoast

Novacoast helps organizations find, create & implement solutions for a powerful security posture through advisory, engineering, development & managed services.

PROVINTELL Cyber Security

PROVINTELL Cyber Security

PROVINTELL is a Managed Security Service Provider (MSSP) specialising in Next-Gen Cyber Defense and Response to detect and respond to threats.

The Purple Guys

The Purple Guys

The Purple Guys offer Trouble-Free IT Support to businesses across the Central and Southern US. Safe and Secure, Rapid Response, Friendly Support that’s our Purple Promise.

BBS Technology

BBS Technology

BBS Technology is a company that develops and delivers next-generation cyber security technologies worldwide.

SecuCenter

SecuCenter

Secucenter is a trusted partner for SOC services, offering security expertise in a cost-effective way.

Sasken Technologies

Sasken Technologies

Sasken’s Cybersecurity Services enables enterprises to develop, maintain, and take digital products to the market with security postures that empower operational excellence.

CHERI Alliance

CHERI Alliance

CHERI Alliance is an industry initiative spearheading the global adoption of the Capability Hardware Enhanced RISC Instructions (CHERI) security technology across the computing industry.