Over a million developers have joined DZone.

Criminal Cyberattacks Are Up. Can Automated Security Help Reduce Them?

DZone's Guide to

Criminal Cyberattacks Are Up. Can Automated Security Help Reduce Them?

New research from the Ponemon Institute and IBM offers a clue as to whether automated security tactics can help reduce cyberattacks.

· Security Zone ·
Free Resource

Discover how to provide active runtime protection for your web applications from known and unknown vulnerabilities including Remote Code Execution Attacks.

One of the most cited statistics related to cyber attacks is the average cost of a data breach as calculated by The Ponemon Institute with support from IBM. The 2018 Cost of a Data Breach report, which has become an industry benchmark, also tracks the number of days it takes to identify a breach and the number of days to contain a breach among other data points.

As with past reports, this year's average cost of a breach gets the most attention. (BTW, the average total breach cost, the average cost per record, and the average number of records lost are all up again this year on a global basis.) And, as usual, not everyone agrees with the conclusion or methodology.

However, while one statistic in the report reveals the scope of the problem at hand. Another gives a glimmer of hope for those organizations that have taken the leap of faith to deploy the latest technologies and techniques that rely more on automation and less on hands-on keyboards.

Ponemon reports that nearly half (48 percent) of the attacks included in the 2018 research were criminal or malicious in nature. That's a staggering number, especially when you take into considering other findings from Ponemon that indicate criminal cyber attacks take the most amount of time to detect and remediate - a global average of 302 days - and are also the most costly. The longer it takes to stop an attack and fix the root cause, the higher the cost - as much as $1 million USD on average if the containment takes longer than 30 days.

It's not particularly surprising that the average cost and time associated to detect and address attacks are increasing given the number and scope of data breaches. What is encouraging, though, is a first-time statistic in the Ponemon/IBM study: the impact of automated security solutions on breach costs.

Ponemon defines these new technologies and tools as "security technologies that augment or replace human intervention in the identification and containment of cyber exploits or breaches." The 15 percent of responding companies that used security automation realized a total breach cost nearly $1 million USD lower than the global average ($2.88 million USD vs $3.86 million USD). The 51 percent who had no automation or plans for adding automation saw average breach costs of $4.43 million USD, a net higher cost of $1.55 million USD.

The message from these findings is clear. Companies that still rely on manual processes - security tools that require frequent tuning or manual CVE patching, for example - fare worse if they are breached. One year of data does not make a trend, but it's reasonable to believe the number of breaches will decline, too, as more organizations deploy automated tools that address the leading cause of cyber attacks - known, but unpatched flaws in applications.

Find out how Waratek’s award-winning application security platform can improve the security of your new and legacy applications and platforms with no false positives, code changes or slowing your application.

security ,cyber attacks ,research ,ponemon ,criminal cyber attacks

Published at DZone with permission of

Opinions expressed by DZone contributors are their own.

{{ parent.title || parent.header.title}}

{{ parent.tldr }}

{{ parent.urlSource.name }}