The cost of cybersecurity breaches is continuing to rise, emphasizing the need for higher education institutions to invest in incident response teams.
The cost of a breach has increased across industries, but in the education sphere, per capita costs of data breaches have reached $166 — above the overall average of $148, according to a report on IBM and Ponemon’s “2018 Cost of a Data Breach” study.
While this information is likely alarming to some administrators, IBM researchers found institutions that invested in a solid incident response team saved a significant amount of money, reducing costs per capita by $13.
“While most organizations recognize the increasing need to adapt and respond to endpoint security, many are still stuck in don’t-let-me-get-attacked mode,” according to “The Cybersecurity Insight Report,” by CDW. “But today,” it continues, “sophisticated threats need a sophisticated response in terms of technology and strategy that embraces endpoint protection without stifling mobility.”
Ready Response Teams for the Internet of Things
As higher education institutions continue to move toward deeper integration of the Internet of Things, IT teams should prepare for increased threats to their campus networks.
While the cost of a data breach overall rose from $3.62 million to $3.86 million, organizations that moved to IoT saw an additional increased cost of $5 per compromised record, according to IBM and Ponemon’s report.
This increase in vulnerability can come from IT teams overlooking IoT devices when running security patches —which can be detrimental, as many IoT devices do not have certain built-in security capabilities, according to CDW’s cybersecurity report.
“Without these patches, IoT devices such as embedded sensors can serve as an entry point for hackers to steal confidential data — or worse yet, take over the functioning of critical equipment,” the report warns.To help protect against invaders without compromising an institution's move to IoT, IT teams also must invest in reliable data protection and recovery systems, Mayank Somani, an IBM security consultant, writes.
“This is especially critical given the increasing need to align with data privacy laws, many of which impose steep fines for noncompliance,” says Somani. “Because some regulations afford users the right to demand the erasure of their personal information, this capability must be built into all IoT devices that collect user data.”
Use Automated Security to Boost Protection Capabilities
While universities can regularly update endpoint security software, a new innovation marrying cybersecurity and machine learning has proven to decrease the chance and cost of a breach even more.
At the University of South Carolina, CISO James D. Perry II needed to find a way to protect the 60,000 endpoint devices on the college’s network.
Using FireEye’s automated endpoint security solution, Perry’s team was able to identify and respond to breaches more quickly, according to a testimonial, decreasing the time it took to complete an investigation from eight to two hours per incident.
“Having a tool deployed locally on devices ahead of time, in preparation for an incident, has helped us demonstrate that time and time again the value of the investment,” says Perry.