The real cost of a prolonged data breach

As supply chains become more integrated businesses need to be aware of their vulnerabilities and those of their partners

Pro

Enda Kenny

In association with CyberHive

With more than 18 billion records exposed in the first half of 2021, research recently carried out by the Ponemon Institute and IBM shows the cost of a data breach increasing year-on-year to €3.6 million. Remote working due to the pandemic also increased the average total cost by over €850,000 due to organisations with more than 50% mix of remote workers taking 58 days longer to identify and contain breaches, with the healthcare industry sadly, but not unsurprisingly, experiencing the highest average cost.

Former Taoiseach and Fine Gael leader Enda Kenny spoke recently to London Stock Exchange about the impact of data security on the wider population and why he joined UK cybersecurity company CyberHive as a board advisor, to help with its mission to make data breaches a thing of the past.

“The principles of running a country and a company are quite the same,” he said. “You must have responsibility towards your people, towards protection of the resources and the assets they have. It’s important to have a sense of integrity and trust and building a reputation for quality in all that you do.” 

In that sense it’s very clear that cybersecurity is of the major challenges for today, when you consider that personally identifiable information was included in almost half of all data breaches in the past 12 months.

Kenny continued: “In the context of running a country you are exposed to the great challenges that face all humanity, and today as the internet continues to expand so too will the level of data and information, and the use and ownership of that data is critical for every citizen and every country on the planet, so cybersecurity is one of the central issues and will continue to be so on a daily and continuing basis. Witness the recent attack on Colonial [Pipeline], the attack on the NHS a number of years ago and it’s equivalent here in Ireland quite recently. So, for that reason I was interested in getting involved in a company dealing with cybersecurity and CyberHive attracted me very much.”

“It’s perfectly obvious the number of cybersecurity attacks are increasing on a daily basis, and major data leaks are increasing. Data content storage in Ireland has expanded really strongly in the last number of years, data sovereignty is a critical issue, and the protection and security of that will continue to be so. What attracted me to work with CyberHive is that the company has built that reputation for integrity and quality and its authenticity has been greatly strengthened by its collaboration with The University of Oxford. But also, they use a genuinely different kind of technology, CyberHive is not just a tech company but also a problem-solving company, with their unique ability to detect breaches, leaks of information within seconds.” 

How many times in the last 10 years has information leaked from companies was not detected for a number of years? The average number of days it takes to identify and contain a data breach sits at a staggering 287 (and more than 316 days for organisations with over 50% of its staff working remotely). CyberHive’s ability to quickly detect and sort breaches into ‘malicious intent’, ‘human error’ or ‘outside attack’ put it in a position of global leadership. This capability is especially important given that more than two-thirds of breaches come from compromised credentials or phishing.

As supply chains become more integrated businesses need to be prepared of their vulnerabilities and those of their partners, as well.

On future government responsibility, Kenny said: “Governments must produce budgets every year, and one of the central responsibilities is to manage the economy in a fair and equitable fashion, clearly Ireland was a case in point a number of years ago in very different circumstances. In that sense departments of government in many countries did not appreciate the extent and scale of the challenge involved in cybersecurity and did not budget adequately. The cost of repair can be phenomenal, with irreparable damage to governments, to economies, to businesses, with direct impact upon unemployment and quality of life. So, it’s a growing issue that governments will need to look far more seriously at the extent of money being pumped into the protection of data in the interests of their citizens.”