Cyber Audits Can Save Businesses $1.5m

Uploaded on 2018-08-23 in TECHNOLOGY--Resilience, NEWS-Cybersecurity News, FREE TO VIEW

According to a report sponsored by IBM Security, the average global cost of a data breach is now calculated to be $3.86 million. However, the same report also shows that companies that can find a security breach within 30 days of its occurrence can shave as much as $1 million from that average cost.

The research conducted by Ponemon Institute for IBM Security also found that organisations using auditing and logging tools that leverage artificial intelligence, machine learning, and other automated structures saved more than $1.5 million off the average cost of a data breach.

In other words, organisations protecting their information technology infrastructure with advanced systematic monitoring, logging, and auditing procedures cut the average cost of each security breach by more than a million dollars just by having a system in place. 

Since security breaches are inevitable in our current business environment, it is imperative that every organisation implement a strategic plan for auditing their networks.

Automated Auditing
Auditing and logging network traffic, Internet access, file transfers, user activity, permission changes, and myriad other day-to-day activities is the first line of defense in establishing integrity for mission-critical systems. However, creating a framework for monitoring and reviewing those events so that security-related incidents and other critical problems can be addressed and mitigated quickly is just as important.

New automated tools are being developed to help enterprises maintain a robust and responsive system auditing strategy. 
For example, PwdPwn, from Sydney developer Luke Millanta, can audit an Active Directory database with more than 5,000 passwords within 15-30 seconds. 

Performed manually, this basic security auditing procedure would typically take one full day or more to accomplish.
Whatever degree of automation your enterprise is using to audit and monitor its IT infrastructure, there should be a strategic plan of action in place that explains what is being logged, who is responsible for reviewing the reports, and how the organisation will respond to a security breach. 

Tech Pro Research offers an Auditing and logging policy that provides a framework for monitoring and reviewing events that could signal and announce serious problems.

In the current business environment, a security breach of your IT infrastructure is practically inevitable. Having a strategic plan to audit for that impending security breach and respond to it quickly and decisively could be the only thing that separates a successful enterprise from a failing one.

TechRepublic:     Image: Nick Youngson

You Might Also Read: 

Cyber Security is Now Business Critical (£):

Cybersecurity Due Diligence Is Critical:

 

 

« The Market For Cybercrime Tools Is Thriving
Facebook & Instagram Now Show How Long You Use Them »

ManageEngine
CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CROW - University of Waikato

CROW - University of Waikato

CROW is the first cyber security lab established in a New Zealand educational institution at the University of Waikato.

CERT-In

CERT-In

CERT-In is a functional organisation of the Ministry of Information & Electronics Technology, Government of India, with the objective of securing Indian cyber space.

Institute for Critical Infrastructure Technology (ICIT)

Institute for Critical Infrastructure Technology (ICIT)

ICIT is a leading cybersecurity think tank providing objective research, advisory, and education to legislative, commercial, and public-sector cybersecurity stakeholders.

PSC

PSC

PSC is a leading PCI and PA DSS assessor and Approved Scanning Vendor.

Namogoo

Namogoo

Namogoo’s disruptive technology identifies and blocks unauthorized product ads that are injected into customer web sessions by client-side Digital Malware.

CSIRT GOV - Poland

CSIRT GOV - Poland

Computer Security Incident Response Team CSIRT GOV, run by the Head of the Internal Security Agency, acts as the national CSIRT responsible for coordinating the response to computer incidents.

MSPAlliance

MSPAlliance

MSPAlliance is the world’s largest industry association and certification body for cloud computing and managed service professionals.

Sabat Group

Sabat Group

Sabat Group provide relationship-driven information security & cyber security recruiting services.

HMS Networks

HMS Networks

HMS stands for Hardware meets Software. Our technology enables industrial hardware to communicate and share information with software and systems.

NTT Group

NTT Group

NTT offers agile, scalable technology services to bring it all together seamlessly, securely, and sustainably. We help you adopt a holistic security approach across your network, clouds, applications.

RedLegg

RedLegg

RedLegg is a master provider of information security services, a boutique, nimble, old-fashioned customer service company that enjoys the technology battlefield.

Inspectiv

Inspectiv

Inspectiv offers a turn-key solution to continuously identify security vulnerabilities and provide security assurance.

MyCISO

MyCISO

MyCISO is the World’s first SaaS application that will vastly simplify security management for all.

MIS Solutions

MIS Solutions

MIS Solutions is a managed cloud and IT security partner making technology work for you.

Credo AI

Credo AI

Credo have pioneered a Responsible AI platform that enables context driven, comprehensive and continuous governance, oversight and accountability of AI.

Couno

Couno

Couno is a trusted provider of IT support services throughout the UK and Europe.