Not ‘If’ but ‘When’: A data breach story in two parts

The value of next-generation intrusion detection in data breach response, investigation and mitigation

The cybercrime economy is now larger than the GDP of many countries. Estimates vary, but one puts it at around $1.5 trillion per year. That’s bad news for organizations, who are faced with a highly motivated, well-resourced and determined enemy—one which has the advantages of agility and anonymity. The result is that many are struggling to adapt to a new reality: today, it’s not a question of “if” but “when their organization is breached.

Some eye-catching stats help to tell the story:
• One security vendor blocked over 52.2 billion unique cyber-threats in 2019
• Over 8.4 billion records were exposed globally in Q1 2020, a 273% year-on-year increase
• Globally, the average time taken to identify and contain a breach is 280 days (over nine months)
• Credential stuffing is rife: one vendor claims to have detected 3.5 billon log-in attempts via this technique over an 18-month period in the financial services sector alone

Read this paper to experience a typical data-stealing ransomware attack on a fictional financial services company (PremiumCredit), revealing two scenarios: the fall-out with and without next-gen IDS.
• The holistic insight and advanced threat protection offered by next-gen IDS allows PremiumCredit to stop the attack in its tracks and respond quickly and effectively to mitigate risk
• Without this tooling, the firm is on the hook for major legal, regulatory and IT costs, and suffers reputational damage, customer attrition and share price devaluation