What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4...
Transcript of What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4...
![Page 1: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/1.jpg)
What is the Cost of a Data Breach?Sebastian Hess | Cyber Risk Engineer | D/A/CH AIG Europe Limited
IoT & Device Security Conference, 6 December 2017
#IoTDS
![Page 2: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/2.jpg)
IoT Today - Facts
#IoTDS
Companies with revenues under $5 million annually hit by an IoT breach expected it to cost them 13.4
percent of their total revenue1
More Than 25 Percent of Identified Attacks in Enterprises Will Involve IoT by 2020²
IoT Security to Make Up 20% of Annual Security Budget by 2020³
Source: 1AltmanVilandrie & Company June 2017, ²Gartner April 2016, ³Gartner, Januar 2016, Getty Images
![Page 3: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/3.jpg)
Cost of a Cyber Breach
![Page 4: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/4.jpg)
Cost of a Cyber Breach - Categories
Types of Cost
• Business Disruption
• Information loss
• Revenue loss
• Equipment damages
• Other cost
Companies investment
• Detection
• Containment
• Recovery
• Investigation
• Incident Management
• Ex Post Response
#IoTDS
![Page 5: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/5.jpg)
Cost of a Cyber Breach - Industry Sector1
#IoTDS
Source: 1Accenture Cyber Crime Studies 2017
![Page 6: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/6.jpg)
#IoTDS
Costs vary among countries1
![Page 7: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/7.jpg)
Roadmap for Threats
![Page 8: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/8.jpg)
Internet Everywhere and “Always On”
#IoTDS
![Page 9: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/9.jpg)
IoT Landscape as an Attack Surface
#IoTDS
Internet of Things
Transparency
Smarthome
![Page 10: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/10.jpg)
Types of attack methodsexperienced by participating companies1
#IoTDS
![Page 11: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/11.jpg)
Costs of different types of incidents1
#IoTDS
![Page 12: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/12.jpg)
Costs vary among countries1
#IoTDS
![Page 13: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/13.jpg)
Security Expenses
![Page 14: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/14.jpg)
Importance to your organization
#IoTDS
Many companies don’t fully grasp the threats they face!
Business needs
IT-Security needs
![Page 15: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/15.jpg)
Cyber Crime Market vs. Cyber Security Costs
#IoTDS
Source: Cyber Crime Costs Projected To Reach $2 Trillion by 2019 - Forbes, 17.01.2016
Cybersecurity Market Reaches $75 Billion In 2015; Expected To Reach $170 Billion By 2020 - Forbes, 15.12.2015
$400 billion by 2015
Estimated by Lloyd's
• SME costs: $1388 per capita
• Large organization:$431 per capita
$2.1 trillion by
2019Predicted by Juniper
Research
Global cost of cyber crime for
companies Cyber security market size
$75 billion by 2015
Estimated by Gartner, Inc.
$170 billion by
2020Predicted by SSP Blue
![Page 16: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/16.jpg)
Estimated annual ROI for enabling security technologies1
#IoTDS
![Page 17: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/17.jpg)
Budget allocations within the IT security infrastructure1
#IoTDS
Source: 1Accenture Cyber Crime Studies 2017
![Page 18: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/18.jpg)
The Costs to Fix Security Problems
#IoTDS
Errors are
more expensive
to fix later
Boehm’s Curve
![Page 19: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/19.jpg)
Cost of a Cyber Breach
![Page 20: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/20.jpg)
Example
Ransomware Infection – Small Enterprise
• 40k Euro Forensics (10 md)
• 300k Euro Business interruption (3 days, 100k per day, 3.65m annual rev)
• 2k Euro Restoration costs (1 day)
• 10k Euro Required updates (new SW Licences)
• Total of 352k Euro
#IoTDS
![Page 21: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/21.jpg)
Example II
Large Group Enterprise - Data Breach
• 400k Euro Forensics (100 md)
• 80m Euro Stolen Records (200m records; 2bn revenue)
• 4m Euro Implementation ISMS (1000md)
• Total of 84.4m Euro
#IoTDS
![Page 22: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/22.jpg)
Example III
Product vulnerability – IoT Device
• 10k Euro Patch development (5 md)
• 10k Euro Testing (5 md)
• 500k Euro Notification costs (0.5 Euro per customer; 1m customers
• 10m Euro Recall + Update (1m devices, 10 Euro per device)
• Total of 10.5m Euro
#IoTDS
![Page 23: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/23.jpg)
Example IV
Same company, one month later…
• 10k Euro Patch development (5 md)
• 10k Euro Testing (5 md)
• 500k Euro Notification costs (0.5 Euro per customer; 1m customers
• 10m Euro Recall + Update (1m devices, 10 Euro per device)
• Total of 10.5m Euro
#IoTDS
![Page 24: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/24.jpg)
• A thought experiment:
Yet Another Example
#IoTDS
Source: 1 http://www.fox32chicago.com/health/450000-americans-have-pacemakers-that-could-be-hacked-fda 07.09.2017; Getty Images
Follow-up Costs
![Page 25: What is the Cost of a Data Breach?€¦ · hit by an IoT breach expected it to cost them 13.4 percent of their total revenue1 More Than 25 Percent of Identified Attacks in Enterprises](https://reader035.fdocuments.net/reader035/viewer/2022063013/5fccc7df88ef9e3bed2cc388/html5/thumbnails/25.jpg)
In Summary - Proactive Cyber Security is Necessary!
Internet of Things Cyber Threats
Return of Invest Digitalization
Cyber Security
#IoTDS