The cost of a data breach can be devastating to an organization, and the price tag keeps going up. As breaches become more expensive and common, enterprises need to deploy solutions capable of managing their risks. A zero trust security strategy, implemented and enforced via SASE, is a crucial step in driving down the cost of a data breach.
Data Breach Costs Continue to Rise
Data breaches make headlines on a weekly basis, and smaller breaches occur every day. In 2020, over 1,000 data breaches were reported in the United States alone. These breaches exposed over 155 million records, and this was a relatively light year for data breaches due to the COVID-19 pandemic. However, while the number of data breaches detected and reported in the US decreased from 2019 to 2020, their average cost did not. In 2020, the average cost of a data breach was approximately $4.24 million, a nearly 10% increase over 2019.
The impact and cost of data breaches are likely to continue to grow as they are increasingly incorporated into different types of attack campaigns. Ransomware operators now commonly steal data from their victims to use as leverage when demanding ransoms from the infected company and its customers.
The Primary Enablers of Data Breaches
According to IBM and Ponemon, a mature zero trust deployment has a significant impact on the cost of a data breach. Companies without zero trust had an average cost of $5.04 million, while the average cost was $3.28 million for businesses with a mature zero trust strategy. The reason for this is that a comprehensive zero trust strategy addresses many of the leading causes of data breaches, including:
- Compromised Credentials: Lost or stolen user credentials can be used to gain access to corporate resources with the permissions of a legitimate user. This enables an attacker to access sensitive data with a lower chance of detection. Zero trust network access (ZTNA) helps to protect against this threat by applying zero trust principles to all access requests from remote users.
- Phishing Attacks: Phishing attacks use a variety of tactics to trick users into handing over their credentials, executing malware on their system, or providing sensitive data to the attacker. With zero trust, the data accessible to the compromised user is more limited, and the increased visibility provided by zero trust solutions makes it more likely that anomalous activity is detected, blocked, and flagged with an alert.
- Cloud Misconfigurations: Security misconfigurations in cloud environments are a common problem and cause of data breaches. A zero trust security policy can help to avoid these misconfigurations and to minimize the impact if an attacker is able to exploit one.
- Vulnerabilities in Third-Party Software: Zero trust security strategies are designed to limit the access of users, devices, and applications to the minimum required for business purposes. This helps to minimize the impact of compromised applications because it limits the data and other resources that an attacker can access by exploiting the vulnerability.
A zero trust security policy can reduce the probability and cost of a data breach to a company. However, an effective zero trust policy is one that is implemented with the right tools.
Legacy Solutions Leave Enterprises Vulnerable
Many organizations rely on legacy security solutions that are incompatible with a zero trust security policy or lack the capabilities required to implement one. Some of the main limitations of these legacy security solutions include:
- Scope and Coverage: Legacy security solutions are often designed to solve a particular problem in a given environment, so organizations often have a security infrastructure cobbled together from many disparate standalone solutions. This makes it difficult to consistently enforce zero trust access controls across rapidly expanding corporate environments.
- Perimeter-Focused Security: Historically, many enterprises have taken a perimeter-focused approach to security, and legacy security solutions are designed to work with this approach. Zero trust requires a more granular approach and, with the rise of cloud computing, often has to be applied in environments where legacy solutions are not usable or effective.
- Unrestricted Remote Access: Virtual private networks (VPNs) are a common remote access solution that provides authenticated users with unrestricted access to corporate resources. This leaves companies vulnerable to data breaches exploiting compromised credentials.
Minimizing Data Breach Risk with SASE
In the modern enterprise, sensitive data is everywhere, including in on-premises data centers, cloud deployments, and remote workers’ systems. Since cybercriminals will aim for the easiest available target, protecting against data breaches requires the ability to consistently apply zero trust principles across the entire corporate IT ecosystem.
SASE provides an essential foundation for a zero trust and data breach mitigation strategy. SASE combines the network optimization capabilities of SD-WAN with a full network security stack in a cloud-based appliance.
With SASE, enterprises can apply and enforce consistent zero trust policies across their entire corporate WAN. Since SASE points of presence (PoPs) can be deployed anywhere, companies can protect their cloud assets and remote workforce at the same level as on-prem resources without sacrificing network performance.