Be sure to assess the security and privacy practices of all third-parties before you give them access to your systems. They’re a major cause of data breaches.
Of the 44% of companies that experienced a data breach in the last year, nearly three quarters of them (74%) say it was because they gave too much privileged access to third parties.
That’s according to a new report by SecureLink and the Ponemon Institute.
The great data breach damage minimizer
Unfortunately when a third party is involved, everything isn’t within your control.
The good news: The No. 1 way to minimize the damage of a breach completely is. Having an incident response team is the best move you can make, finds the 2018 Cost of a Data Breach Study: Global Overview by the Ponemon Institute.
An incident response team reduces the cost-per-compromised-record by $14. (Not to mention the damage to reputation and business relationships.)
So when you consider that the average cost of a data breach is $148 per record, having just this one measure in place will bring that down to $134.
Putting a team in place
Now you know just how critical it is to have an incident response team. But do you know how to build one?
It should offer a comprehensive response to a data breach, which includes:
- technical actions taken (steps to correct the current incident, as well as system changes to keep it from happening again), and
- nontechnical actions (employee communications, dealing with legal issues and any personnel issues if the breach was an inside job).