It takes companies 206 days to identify a breach - you could do it in 1

Published on Friday, October 4, 2019 - 15:47 by Cameron Troake

It’s nothing new to say organisations across the globe are under serious pressure to keep their customer’s personal data safe, and nowadays it really is a case of when – not if – they suffer a data breach, the response expected is to be as transparent and swift as possible.

This isn’t just because of the new regulatory requirements.

Whilst a slow response to a breach will naturally result in more serious fines from regulators, it will also lead to a larger loss of brand trust, and an even bigger chunk of company time being taken out to deal with the breach instead of business operations as usual.

It’s important to remember that the cost of a data breach isn’t just dependant on the severity of the breach, or the amount of data that has been disclosed. The time it takes to discover – and contain – a data breach is a huge contributing factor.  

According to IBM, organisations take 206 days on average to identify a data breach, and 69 days to contain it.

This lengthy amount of time is costing organisations millions of pounds.

As well as the major fines, organisations that take too long to disclose a breach also put themselves at risk of lawsuits from both consumers and independent agencies.

According to a study by Centrify, organisations which had quick reaction times to their data breaches saw stock value recovered after only seven days.

Plus, organisations that could contain a data breach in less than 30 days tended to save more than $1 million compared to the companies which took longer. 

But, on the other hand, organisations which took more than 90 days to respond to a breach typically experienced a long-lasting decline in stock value.

So, the faster a breach can be identified and contained, the lower the costs for the business. Which means having systems and modern detection tools in place to help instantly detect breaches should be a priority for all organisations.

What are the most common causes of a data breach?

According to Ponemon Institute, almost half of all data breaches are the result of a malicious or criminal attack, just over a quarter result from human error and a quarter result from a system glitch.

Your third-party suppliers are also a serious security risk. Whilst organisations typically use several third-party providers to help enable business processes - from HR and finance through to marketing and CRM - they are often the biggest source of data risk.

Under the GDPR, you must demonstrate accountability and responsibility when selecting and managing your suppliers – which means that if they get breached, you are now financially liable.

Disgruntled or duplicitous employees also play a big part in data breaches.  New research has shown that almost half of office-based employees are willing to sell corporate information to outsiders, and as a little as £1,000 would be enough to tempt 25% into information theft.

How to swiftly identify – and contain - a data breach.

A practical solution an organisation can use to quickly identify and combat these threats is to input “tracker” records into its corporate databases.

This essentially involves adding uniquely identifiable contacts amongst the real records within a data set, which are then continually monitored for all usage. This allows an organisation to immediately spot any unexpected or suspicious activities, so they can swiftly take action and investigate further.

Ensuring staff are aware that this safeguard is in place can also minimise the likelihood of theft – if employees know they’re more likely to get caught, they will be less likely to take the risk.

It’s important to remember that the growing value of data, combined with the rising difficulty in an organisation’s ability to collect and process it  (due to more demanding privacy regulations and a growing individual awareness), means the temptation to steal and sell data will continue to increase.

So, whichever safeguards and steps an organisation chooses to put in place, it’s important to ensure they’re strong enough to continuously combat an advancing threat.

Track your data, detect breaches and take action – all in one day.

BreachTrak enables you to monitor data usage from both employees and third-parties - giving you the ability to keep an eye on your data even when it leaves the building and moves beyond your direct control. It can monitor the surface and dark web, e-mail, phone and postal data usage.

With daily updates logged into your secure online portal and email alerts that instantly flag any suspicious activity, you'll be able to quickly identify when your data has been misused - and who by - so you can take action immediately.

To find out more about how BreachTrak can help your organisation, call us now on 01494 442900 or complete our enquiry form:


Find out more?

Leave your contact details below and one of our expert team will be in touch

We will only use the contact details you supply on the basis of our legitimate interest to respond to your query and contact you about DQM GRC. You will always be given the opportunity to opt-out from future communications. Please read our privacy policy for more details.


Find out more..

If you are interested in any of our services then please either use the contact form or contact us via of the methods below:

  •   Telephone
  •   E-mail

  •   +44 (0)1494 442900