Infographic: Inside Data Breaches
3 likes422 views
Data breaches are a significant concern for cybersecurity teams, who can face thousands of alerts daily that often lead to hours of fruitless investigations. The document discusses how integrating AI and machine learning can enhance security analytics by identifying critical threats from massive event data. The financial impact of a breach is substantial, with average costs depicted and highlighted by Equifax's $7 billion loss following its breaches.
Infographic: Inside Data Breaches
- 1. ! ! ! ! ! ! ! ! !! ! ! ! ! ! Inside Data Breaches Sources: “Cybersecurity: Why Context Matters and How Do We Find It” and “Cybersecurity: The End of Rules Is Nigh” (Hortonworks); “What Your Security Scientists Can Learn From Your Data Scientists to Improve Cybersecurity” (TechCrunch) The Neverending SOC Cycle Security teams can get thousands of SIEM system alerts each day. After deciding which are most pressing, they’ll spend hours investigating a threat. Here’s one example of this often-fruitless search. How to Catch a Thief Security analytics combined with AI and machine learning is transformative. Interset’s big-data processing swiftly pinpoints threats, while expanding visibility to get a contextual picture of enterprise risk. The solution lies in distilling billions of events into hundreds of anomalies, then into a handful of actionable SOC leads. Guess Choose an alert to pursue Console Look at 8+ SOC dashboards for context Console Check SIEM, and spot 2 IP addresses Research Figure out which systems the IP address match Research Determine if IP addresses are good or bad Research Look at asset-inventory system for application owners Setback Email owners, due to out-of-date asset-inventory system Research Find out when system was last scanned Research Figure out if the system has been patched Console See if the system has been backed-up Email Request a one-off vulnerability scan Research Check if backend has been tested Setback Discover disaster-recovery is only annual Console Find where log files are being sent Setback Not all log files are available Email Request missing logs Email Receive missing logs within 2 hours Setback 4+ hours later, realize that this is a false alarm Guess Start this process again, with next alert !! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !! ! ! ! ! ! ! ! !! ! ! ! ! ! ! ! ! ! ! ! ! ! ! !! ! ! ! ! ! Security Audit ($10K-120K) Remediation + Extra Security (varies) Regulatory Fines (% of annual revenue) Crisis Management ($200-500/hr) Incident Response + Investigation ($20K-10M) Customer Notifications ($5-10/customer) Discounts + Gift Cards (varies) Legal Settlements ($11.2M-115M) Legal Counsel ($390-$1,200/hr) Employee Turnover (21% of annual salary) New CISO ($223K-420K salary) Recruiting New CISO (20-50% of salary) One Data Breach Costs $3.62 Million And that’s just the average. Below, a breakdown of how expensive a security incident can get. $ $ $ $ $ $$ $ $ $ $ $ All numbers represent average costs. Sources: 2017 Cost of Data Breach Study (IBM Security and Ponemon Institute); Calculate the Business Impact and Cost of a Breach (Forrester, 8/31/17); http://www.fairinstitute.org/blog/what-is-open-fair-and-who-is- the-open-group Stock figures as of 9/20/17. Source: Stock Chart and Quote (via Equifax.com) Equifax Has Lost $7 Billion A pair of breaches caused its stock to plummet 65%—in a little more than one week Sep 11, 2017 141.35 Sep 19, 2017 92.98 How Long Does It Take to Discover a Breach? Dwell time can span from hours to years Sources: 2017 Data Breach Investigations Report (Verizon); 2017 Cost of Data Breach Study (IBM Security and Ponemon Institute); M-Trends 2017: A View From the Frontlines (Mandiant) Hours 2.6% Days 7.8% Weeks 7.8% Months 42.9% Years 38.9% % OF TIME COMPANIES 99 Days 66 Days Breach Dwell Time Time to Contain It