Is Your Business Investing in Data Loss Prevention? It Should Be
Data Loss Prevention is Essential for Ensuring Business Continuity
Carely Kimball, Media Specialist
5 Min Read
While it may be uncomfortable to think about, Data Loss Prevention has become an increasingly pressing issue for many small and medium businesses (SMBs). Not only does losing data slow – or even halt – the flow of regular business, but the cost is increasing as well.
The total cost of data breaches is rising – up 10% from 2020 to 2021, according to a 2021 Cost of a Data Breach Report from IBM Security and the Ponemon Institute. Globally, the study averages the total cost of a data breach at $4.24 million, with lost business accounting for 38% of the average cost. Lost business costs include business disruption and revenue losses from system downtime, cost of lost customers and acquiring new customers, reputation losses and diminished goodwill.
Healthcare, Financial and Pharmaceutical industries have been hit the hardest. Customer Personally Identifiable Information (PII), Anonymized customer data, Intellectual property, and Employee PII were the four top categories of compromised records.
How Do Data Breaches Happen?
According to Verizon’s 2022 Data Breach Investigations Report, 82% of breaches involved the human element.
Verizon breaks down data breaches into eight categories or “patterns.”
Figure 1: Patterns Over Time in Breaches (Verizon, 2022 Data Breach Investigations Report, Pg. 24, Figure 33)
Phishing and Business Email Compromise (BECs) continue to take the lead as main entry points for bad actors to access secure information within an organization. While only 2.9% of employees may actually click on phishing emails, a finding that has been steady over time, that is still more than enough for criminals to continue to use it, according to Verizon’s report.
“For example, in our breach data alone, there were 1,154,259,736 personal records breached,” the study explained. “If we assume those are mostly email accounts, 2.9% would be 33,473,532 accounts phished, (akin to successfully phishing every person in Peru).”
BECs, specifically those that involved the use of stolen credentials, made up for 59% of this type of attack. These figures represent just how important it is for companies to invest in cybersecurity training programs, like those offered by Security Awareness and Training Solutions company KnowBe4 for their employees.
Savvy Businesses Need to be Aware of Ransomware
Even with training, hackers can still steal valuable information and hold it hostage. Ransomware has exploded in the public’s consciousness, especially as more companies shift remote and don’t always put the necessary safeguards in place to keep data secure.
Ransomware is a type of malicious software that encrypts your data so that you cannot view or utilize it, and once the ransomware is triggered the threat actor demands a (frequently large) payment to unencrypt it.
The first case of Ransomware showed up in Verizon’s Data Breach Investigations Report in 2013.
“When targeting companies, typically SMBs, the criminals access victim networks via Microsoft’s Remote Desktop Protocol (RDP) either via unpatched vulnerabilities or weak passwords,” the report read. “Once they’ve gained initial access, they then proceed to alter the company’s backup so that they continue to run each night but no longer actually backup any data.”
Figure 2: Ransomware Over Time in Breaches (Verizon, 2022 Data Breach Investigations Report, Pg. 27, Figure 38)
Almost a decade later, Ransomware has evolved into a global affair that cost the world $20 billion last year alone. That number is expected to rise to $265 billion by 2031, according to an annual report from Cybersecurity Ventures. The average cost of a Ransomware breach is more than the average breach – an estimated $4.62 million, according to IBM Security and the Ponemon Institute. These costs included escalation, notification, lost business and response costs, but did not include the cost of the ransom.
While SMBs might believe the targets of Ransomware attacks are large global companies, think again. Sophos’ The State of Ransomware 2021 Report estimates 37% of businesses worldwide were hit with Ransomware. Of all Ransomware attacks in 2020, 55% hit businesses with fewer than 100 employees, while an entire 75% of attacks were on companies making less than $50 million in revenue, according to Coveware.
The average ransom for a small business is $5,900. However, law enforcement authorities encourage companies to report incidents and refuse payment. It isn’t guaranteed that data will be returned with payment to cybercriminals.
For very small businesses, those operating with less than ten employees, the number one data threat remains ransomware attacks.
“Small organizations are just as enticing to criminals as large ones, and, in certain ways, even more so,” Verizon’s report noted. “Threat actors have the ‘we’ll take anything we can get’ philosophy when it comes to cybercrime. These incidents can and have put small companies out of business. Therefore, it is crucial that even very small businesses should take precautions to avoid becoming a target.”
How Can GDC Help Protect Your Business from Data Loss?
Human error and Ransomware just scratch the surface of how essential data can be lost forever. System failures, natural disasters, accidental deletion, fire – you get the point. A million things could go wrong where your data is lost and operations are sidelined, permanently.
It’s crucial to set up a backup plan now, so if something happens, data can be seamlessly recovered.
To protect your business, invest in data loss prevention. Global Data Consultants (GDC) offers businesses scalable data backup and business continuity planning services to ensure the organization’s ability not just to salvage, but to restore, basic business operations and core profitability functions when offline.
Data Backup and Recovery Packages From 1 TB to 40 TB+ Available
- Packages from 1TB to 40TB+ available
- Onsite, offsite, and hybrid solutions
- Restore server image and data to most hardware
- Convert image data to a virtual server environment
- Managed file restoration services
- Expandable storage
- Virtual server availability for business continuity
- Onsite and offsite backups reduce recovery time
- Compliance with business continuity plans
- GDC service team can assist as needed
- GDC data center can support any recovery option
- No hardware to invest in or maintain
- Worry free data backup solution
- Monitored and maintained
Do you have an insurance policy to protect your business data?
Cyber insurance is another option that delivers peace of mind that if critical data is lost, business operations remain protected.
How do you know if the backup completed or failed?
of businesses have no planned protection for their data
of businesses are not confident they could recover from a system failure
of businesses experience local backup failures every year
Synchronized Image Data Transfers
GDC streamlines image data transfers by checking for the differences between two data containers to avoid the unneeded transfer of data. GDC’s unique approach creates two lines of backup – physically, on site and replicated to the cloud. By offering this dual approach, there is an extra layer of security and recovery time is often significantly faster, allowing businesses to get back to what is most important – serving their clients.