Organizations are approaching cybersecurity with an open checkbook. The big driver is the relentless innovation in threats and breaches. Ernst & Young estimate that 75% of organizations would likely increase their cybersecurity resources following a breach.
Yet for all the money spent on securing networks, cyberattack damage has increased as much as 1500% in the last two years.
A recent global study on the financial impact of a corporate data breach, undertaken by the renowned Ponemon Institute, tells us the average cost is over $3.8m. For a mega breach (1-50m records) the increase is a staggering $40m to $350m respectively. It’s not going to get better any time soon: by 2021 organizations are predicted to lose $6 for every $1 they spend on cybersecurity.
But there are signs the well is starting to dry up.
Recent surveys suggest security budgets need to grow by 50%, but the average increase will be nearer 10%. Cue a massive challenge: security and network teams will look for solutions that can do more for less and cut the cost of a data breach.
This will create a new lens through which to look at cybersecurity solutions: they must offer true utility (greater security at lower cost), and they must shorten the time to detect and contain a data breach.
Why? Right now a smaller-scale data breach takes 225 days to detect and a mega breach takes over a year, but if the breach can be contained in under 30 days, millions will be saved.
So how do you accelerate detection and containment and cut the cost of a data breach? One solution ticks all the boxes: full network packet capture.
Total network history
When organizations have 100% network history, rapid and accurate detection of breaches can happen. Network sniffing and metadata give a partial picture. But capturing and storing all network IP packets, even the busiest network traffic, with the best lossless capture rates gives the full one. These high-fidelity traffic records are logged and stored, making detection easier and faster.
Extended packet capture timeline
To make detection realistic, the network history must go back 140 days+ from the discovery of a breach. Most organizations store 4 days, which means no visibility of when the breach occurred. New full network packet capture tools can now store petabytes of data on premise, making hundreds of days of data constantly available for search.
Powerful and fast search
Detection and remediation across these massive data stores are fast. Petabytes of network traffic can now be searched in minutes; smarter logging further accelerates discovery, as does on premise storage.
Lower cost data storage
100% network history, extended over months or even years and searchable in minutes, sounds costly. It isn’t. Full network packet capture tools can now store petabytes of data at up to 80% less than other solutions.