IBM recently came out with its Cost of a Data Breach Report 2021. One of the main takeaways is the fact that the average total cost of a data breach increased from $3.86 million in 2020 to $4.24 million a year later. That’s a growth of 9.8%, the largest margin seen in seven years. The report also found that it took organizations an average of 287 days to identify and contain a breach, a lifecycle that’s a week longer than it was in 2020. This could help to explain the price tag of a data breach; more time to identify and contain means more time for an attacker to laterally move to identify critical assets, dwell longer within the enterprise and exfiltrate sensitive information.
Adding More Security Tools Doesn’t Lower Those Costs
Some organizations might look at those findings and feel inclined to enlist the help of lots of different security tools in the belief that they can achieve comprehensive visibility of their infrastructure. But that’s not the case. Adding more security tools can actually increase the costs of a data breach. As IBM learned in its report, organizations with a higher number of devices, users, and security tools experienced an average data breach cost of $5.18 million. That’s significantly more than the $3.03 million price tag that organizations with low levels of system complexity experienced after suffering a breach.
Don’t just take IBM’s word for it. In a survey of IT leaders, ReliaQuest confirmed that more technologies doesn’t lead to greater security. Here are a few stats that stood out to me:
- Most (85%) of the surveyed leaders told ReliaQuest that they were adding technologies faster than they could productively use them. (That’s up from 71% a year ago.)
- Nine in 10 respondents said that security tool overload had negatively affected their organization’s operations. The rate was just slightly less (78%) for those who said that the number of tools in place was undermining their organization’s security functions.
- In fact, 90% report one or more negative impacts of deploying multiple security technologies
When ReliaQuest asked the group of respondents to elaborate why, they said that too many security tools and technologies were preventing them from gaining unified visibility into potential issues as they arise. This complicated their ability to respond in a timely manner.
Reducing Complexity with ReliaQuest GreyMatter
It’s important that organizations do not deploy too many security tools in the hope that alone would close any coverage gaps and reduce response times. They need to be strategic about their security investments. They need to understand their risk profile and ensure they get singular visibility all while reducing complexity.
That’s where ReliaQuest GreyMatter comes in. An Open XDR-as-a-Service that’s vendor-agnostic, GreyMatter gives customers a way to seamlessly unify their data and tools so that they can have the contexts and insights necessary to protect themselves against digital threats and to grow the business. The tool relies on its Universal Translator™ to automatically gather and normalize data on demand from security technologies and tools including SIEM, EDR, multi-cloud, and business applications. This saves organizations time and money by freeing analysts from needing to hop from tool-to-tool to piece together information. Additionally, GreyMatter automatically brings in data, on-demand and in real-time, and enriches them with relevant threat intelligence, saving organizations the headache of creating and maintaining expensive security data lakes.
GreyMatter saves organizations additional time and money by managing those integrations on an ongoing basis so your analysts can focus on true threats. In a time when digital transformation is ushering in new technologies and opening the door to new attack scenarios, ReliaQuest ensures that your teams can still make security possible.
Check out how GreyMatter can help you reduce enterprise security risk by optimizing your investments and reducing complexity.