Slashdot Mirror


Slashdot Asks: Does Your Company Have A Breach Response Team? (helpnetsecurity.com)

This week HelpNetSecurity reported on a study that found that "the average data breach cost has grown to $4 million, representing a 29 percent increase since 2013. 'The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don't have a plan in place to deal with this process efficiently,' said Caleb Barlow, Vice President of IBM Security."

But the most stunning part of the study was that each compromised record costs a company $158 (on average), and up to $355 per record in more highly-regulated industries like healthcare, according to the study -- $100 more than in 2013. And yet it also found that having an "incident response team" greatly reduces the cost of a data breach. So I'd be curious how many Slashdot readers work for a company that actually has a team in place to handle data breaches. Leave your answers in the comments. Does your company have an incident response team?

4 of 47 comments

  1. Naw by Anonymous Coward · Score: 5, Funny

    My company has a breach denial team.

  2. Nah by Greyfox · Score: 4, Funny

    They've come up with a much better solution. Their security is just so bad that they never notice that they've been hacked. They seem to think that if they're completely inept, the hackers will feel bad for them and fix some things before they log out.

    --

    I'm trying to teach myself to set people on fire with my mind... Is it hot in here?

    1. Re:Nah by Anonymous Coward · Score: 2, Funny

      I worked at a place that got hacked, and the only reason anyone noticed is because of the work the hacker did to close the door behind them. A year after they patched the system, there was work on a project and it was returning an error because they were checking for the particular database for both the server type and version. Only after more investigation did someone realize the server was updated and even more that the update was done by none of the IT staff. I don't believe that they ever figured out everything because after the investigation started, they started deleting logs and whatnot. The sad part is, if they just checked the server type and not the versions, it may not have been noticed at all.

  3. Re:Not Needed by l0n3s0m3phr34k · Score: 2, Funny

    Did you follow through, and make the "hackers" pay for the wall?