How Companies Can (And Must) Detect Hacks Faster With AI

Data leaks don’t get much more sensitive than 23andMe. More than 9 million user accounts were compromised in October with records scraped and sold to the highest bidder – particularly concerning considering the sensitive nature of the genetic testing platform’s database. But perhaps worse than the breach itself was the company’s reaction.

Not only did the company blame users for not updating their credentials with strong passwords, but it took them more than five months to detect the hack. This gave bad actors almost half a year to sift through sensitive customer information and other business data before the enterprise even knew what was happening.

But the most concerning part? 23andMe is not alone in slow response times. Enterprises across the board struggle to detect breached defenses, taking 322 days on average to raise the alarm.

This is simply an unacceptable detection timeframe in today’s hyper-connected world. Organizations in this era of distributed employees and remote endpoints must move beyond reactive measures and embrace a proactive strategy that prioritizes faster detection and containment. Tools like artificial intelligence (AI), for example, can cut detection times in half and save reputations and bottom lines. Let’s explore how.

The Cost of Delayed Detection

The adage “time is money” takes on a literal meaning in a prolonged cyberattack. Every passing day exposes sensitive data to exploitation, potentially leading to financial loss, reputational damage, and operational disruption. 

For example, the Equifax breach of 2017 impacted 143 million consumers but was not discovered for months. By the time the company identified the intrusion, hackers had already accessed troves of sensitive data including social security numbers, birthdates, addresses, and driver’s license numbers. The financial consequences were severe, with Equifax ultimately agreeing to pay $575 million to settle claims.

A more recent cautionary tale is the SolarWinds hack of 2020, which went undetected for a staggering eight months. By exploiting vulnerabilities in the company’s Orion software, attackers were able to infiltrate the networks of multiple government agencies and corporations in one of the most sophisticated supply chain attacks ever seen. The breach not only affected SolarWinds’ reputation but also raised serious national security concerns.

Both cases show how costs can quickly spiral since data breaches incur regulatory fines, legal fees, and customer notification requirements. The longer the breach goes undetected, the greater the financial burden. IBM reports that organizations that deploy security AI and automation extensively saw nearly $1.8 million lower data breach costs than organizations that didn’t deploy these technologies. The numbers speak for themselves: swift responses translate to cost savings.

Beyond the finances, a data breach can also destroy a company’s reputation. News of a breach can erode customer trust overnight, leaving a stain that takes years of effort and resources to repair. The operational disruption caused by a cyberattack can be just as devastating. For example, businesses may experience critical system outages that cripple productivity and revenue streams. When it comes to detecting hacks, something has to give.

Smart Tools for Holistic Defense

The good news is that technology helps to significantly reduce breach detection times and equip organizations with a robust defense against sophisticated cyber threats. Organizations can dramatically improve their cybersecurity posture by leveraging a combination of AI, continuous monitoring, and robust endpoint security.

Incorporating AI solutions provides a tireless sentinel, analyzing vast amounts of data in real time to identify hidden patterns and anomalies that might indicate suspicious activity. These algorithms continuously learn and adapt, detecting even the most sophisticated cyberattacks that might otherwise slip through human scrutiny.

One powerful weapon in this fight, especially as hackers also leverage smarter tools like AI-powered malware, is Security Information and Event Management (SIEM). SIEM acts as a digital detective, continuously collecting and analyzing data from across your network to identify anomalies and suspicious activity that might indicate a lurking cyberattack.

On the endpoint front, Unified Endpoint Management (UEM) solutions provide comprehensive endpoint visibility and control, an especially important component in today’s hybrid work environments. Implementing an Endpoint Detection and Response (EDR) platform will further bolster threat detection capabilities across endpoints, enabling security teams to pinpoint, mitigate, and resolve security breaches more effectively.

According to IBM, solutions like these can drastically cut down detection times. Organizations that fully deploy security AI and automation experience an average 108-day reduction in breach lifecycles. This translates to a significant decrease in the window of opportunity attackers have to exploit vulnerabilities, ultimately protecting sensitive data and mitigating potential damage.

The Cultural Component of Cyber Safety

Technology unlocks faster breach detection, but it’s only one piece of the puzzle. Studies estimate that the vast majority of breaches (about 90%) originate from human error. So, while smarter tools can help uncover breaches more quickly, smarter employees can stop them altogether.

The most essential part of building such a security culture is regular training. Make these sessions engaging and interactive, utilizing real-world scenarios and case studies to illustrate the potential consequences of cyberattacks. Train employees to identify common cyber threats like phishing emails, social engineering tactics, and malware disguised as legitimate software. Further, educate them on best practices for secure password management, data handling, and device usage, including personal devices used for work purposes. 

Building a culture of security awareness makes employees the first line of defense against hacks. Backed by smarter detection, companies can then spot the hacks that do get through more quickly. This one-two cybersecurity punch can go a long way to preventing incidents like 23andMe.

One hundred days is a long time in hacking. If, on average, AI and automation can cut breach detection times by this amount, then it’s more than worthwhile for companies to invest in next-gen solutions like these. The decision will pay reputational, infrastructural, and bottom-line dividends for years to come.

The alternative – more breaches, more costs, more customer distrust – is simply not an option. Let these corporate hacks be a wake-up call for us all to accelerate our defenses and close the detection gap before it’s too late.

Author

  • Apu Pavithran

    Apu Pavithran is the founder and CEO of Hexnode. Recognized in the IT management community as a consultant, speaker, and thought leader, Apu has been a strong advocate for IT governance and Information security management. He’s passionate about entrepreneurship and spends significant time working with startups and empowering young entrepreneurs.
