In 2016, the average total cost of a data breach was $4 million across the globe, an increase of 29% since 2013 according to a study conducted by the Ponemon Institute and sponsored by IBM Security. In addition, the average cost per record breached is $158, but varies by industry:
- Healthcare $355
- Retail $172
- Transportation $129
According to Grandview Research, “the dependence of enterprises on information technology and sensitive nature of digitally stored data has raised the stake for cyber-attackers with financial gain becoming a primary motive.” As a result the cybersecurity market is expected to reach $205.1 billion by 2024.
When it comes to data security, Forrester has coined the term “Zero Trust” meaning that you cannot trust either internal or external networks. Zero Trust is defined as a “data-centric network design that puts micro-perimeters around specific data or assets so that more-granular rules can be enforced.”
The US House of Representatives Committee on Oversight and Government reform recommends that all federal agencies adopt the Zero Trust model. Forrester analyst John Kindervag offers the following steps to help every company implement a Zero Trust policy:
- Identify Your Sensitive Data. Identify the data that you need to protect and then invest in security controls.
- Map the Data Flows of Your Sensitive Data. Have network architects or application architects create a transaction flow map to understand how data flows across your network.
- Architect Your Network. Determine optimized flow and identify where to place microperimeters and segmented.
- Create Your Automated Rule Base. At the segmentation gateway, determine how access control and inspection policies will be enforced.
- Continuously Monitor the Ecosystem. Log and inspect all traffic, both internal and external.
What have you done to secure your company’s data?