Security Staff Shortages Incur Higher Breach Recovery Costs

  /     /     /  
Publicated : 22/11/2024   Category : security


Security Staff Shortages Incur Higher Breach Recovery Costs


New study measures the financial impact of a breach on a company short on IT security staff.



The shortage of skilled IT security professionals is not a new topic. Multiple reports have shed light on the talent shortage and the type of security
risks
associated with an IT department that is
short on security skills
. But a report released this week by Kaspersky Lab and partner B2B International shows the potential financial impact of being short-staffed in the security department. 
The study, which surveyed nearly 5,000 representatives from companies of different sizes and industries, compared the breach recovery costs for large companies that had enough IT security staff with large companies that were light on security support. The average cost of recovery for companies with inadequate security support was between $1.2 to $1.47 million, and from $100,000 to $500,000 for companies with a strong and sufficiently staffed IT security team.
When an organization has internal IT security staff on the payroll, they become more familiar with the cyclical process of a breach and recovery and are able to learn from each incident and apply that knowledge to the organization’s security posture, says Michael Canavan, vice president of North America for Kaspersky Lab.
“This is a large reason why you see the smaller dollar amount with those incidents [at organizations with in-house security staff],” he says. They’re less traumatic because more information is known, he adds.  
The survey also showed that additional staff wages make up a significant portion of the recovery costs -- $14K on average for SMBs and $126K for enterprises -- which was higher than the loss of business opportunities, credit rating, and compensation to clients and partners combined. 
Candace Worley, vice president and general manager for enterprise endpoint security at Intel, points out that while nearly $1.5 million for a breach is high, the average cost of a breach is now 
over $4 million dollars
 per incident, according to the Ponemon Groups Cost of Data Breach 2016 report.
“If a company was unfortunate enough to experience two breaches in a year, she says, then “investing in a security staff is the better way to go.”
She also notes that in addition to labor costs, organizations have to account for the brand impact and opportunity cost of a breach in addition to the hard costs. “There’s the domino or cascade of costs,” Worley says. 
Tejas Vashi, senior director of Cisco Services, says that while the industry acknowledges that many organizations need more security staff, it takes a long time to bring them on.
“Enterprises need to be proactively seeking out the talent and continuously reskilling their existing workforce,” says Vashi, adding that a proactive mindset is very important in the security space right now, for both hiring and threat mitigation. He likens the IT security landscape to a quote from Henry Ford: The only thing worse than training your employees and having them leave is not training them and having them stay. 
Find the full report
here
.

Last News

▸ There are plenty of online tools for reporting bugs. ◂
Discovered: 23/12/2024
Category: security

▸ 27 Million South Koreans Hit by Online Gaming Theft. ◂
Discovered: 23/12/2024
Category: security

▸ Homeland Security Background Checks Breach Raises Concerns. ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Security Staff Shortages Incur Higher Breach Recovery Costs