Cyber Audits Can Save Businesses $1.5m

Uploaded on 2018-08-23 in TECHNOLOGY--Resilience, NEWS-News Analysis, FREE TO VIEW

According to a report sponsored by IBM Security, the average global cost of a data breach is now calculated to be $3.86 million. However, the same report also shows that companies that can find a security breach within 30 days of its occurrence can shave as much as $1 million from that average cost.

The research conducted by Ponemon Institute for IBM Security also found that organisations using auditing and logging tools that leverage artificial intelligence, machine learning, and other automated structures saved more than $1.5 million off the average cost of a data breach.

In other words, organisations protecting their information technology infrastructure with advanced systematic monitoring, logging, and auditing procedures cut the average cost of each security breach by more than a million dollars just by having a system in place. 

Since security breaches are inevitable in our current business environment, it is imperative that every organisation implement a strategic plan for auditing their networks.

Automated Auditing
Auditing and logging network traffic, Internet access, file transfers, user activity, permission changes, and myriad other day-to-day activities is the first line of defense in establishing integrity for mission-critical systems. However, creating a framework for monitoring and reviewing those events so that security-related incidents and other critical problems can be addressed and mitigated quickly is just as important.

New automated tools are being developed to help enterprises maintain a robust and responsive system auditing strategy. 
For example, PwdPwn, from Sydney developer Luke Millanta, can audit an Active Directory database with more than 5,000 passwords within 15-30 seconds. 

Performed manually, this basic security auditing procedure would typically take one full day or more to accomplish.
Whatever degree of automation your enterprise is using to audit and monitor its IT infrastructure, there should be a strategic plan of action in place that explains what is being logged, who is responsible for reviewing the reports, and how the organisation will respond to a security breach. 

Tech Pro Research offers an Auditing and logging policy that provides a framework for monitoring and reviewing events that could signal and announce serious problems.

In the current business environment, a security breach of your IT infrastructure is practically inevitable. Having a strategic plan to audit for that impending security breach and respond to it quickly and decisively could be the only thing that separates a successful enterprise from a failing one.

TechRepublic:     Image: Nick Youngson

You Might Also Read: 

Cyber Security is Now Business Critical (£):

Cybersecurity Due Diligence Is Critical:

 

 

« The Market For Cybercrime Tools Is Thriving
Facebook & Instagram Now Show How Long You Use Them »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

SABSACourses

SABSACourses

SABSA is a development process used for solving complex problems such as IT Operations, Risk Management, Compliance & Audit functions.

NSFOCUS Information Technology

NSFOCUS Information Technology

NSFOCUS is a global service provider and enterprise DDoS mitigation solution provider.

Security Mentor

Security Mentor

Security Mentor provides innovative, online security awareness training designed for how people learn and work.

C2B2 Consulting

C2B2 Consulting

C2B2 are experts in middleware support and consultancy. We specialise in ensuring scalability, performance and security of large scale systems.

Titania

Titania

Titania provide network security and compliance software. Find your Network Security gaps before hackers do with our security & compliance tools.

Protection Group International (PGI)

Protection Group International (PGI)

PGI helps organisations and governments to manage digital risk. From cyber security services to business intelligence, we help reduce the risks to your finances, reputation, assets and people.

Center for Identity - University of Texas at Austin

Center for Identity - University of Texas at Austin

The mission of the Center is to deliver the highest-quality discoveries, applications, education, and outreach for excellence in identity management, privacy, and security.

Elastic

Elastic

Elastic is the world's leading software provider for making structured and unstructured data usable in real time for search, logging, security, and analytics use cases.

Mnemonica

Mnemonica

Mnemonica specializes in providing data protection system, information security compliance solutions, cloud and managed services.

Clari5

Clari5

Clari5 redefines real-time, cross channel banking Enterprise Fraud Management using a central nervous system approach to fight financial crime.

Research Institute in Verified Trustworthy Software Systems (VeTSS)

Research Institute in Verified Trustworthy Software Systems (VeTSS)

The main purpose of VeTSS is to support program analysis, testing and verification, to achieve guarantees of software correctness, safety, and security.

Cynance

Cynance

Cynance are an award-winning, independent cyber security specialist and part of the Transputec family of companies.

D2 Network Associates (D2NA)

D2 Network Associates (D2NA)

D2NA help businesses deliver and achieve their goals, through innovative IT solutions, robust cyber security services and proactive IT managed services.

Fullstack Academy

Fullstack Academy

A trailblazer in bootcamp education, Fullstack Academy prepares students for fulfilling careers in tech through our NYC campus, online learning, and university partnerships.

Cylab - Carnegie Mellon University

Cylab - Carnegie Mellon University

Carnegie Mellon University CyLab is the University's security and privacy research institute.

Turngate

Turngate

Turngate simplify security investigations so you can see employee activities and entitlements in your enterprise in seconds.