Huge Average Cost of Data Breaches Revealed
22 Jan 2024
Cost of a Data Breach
A$6.77 million!
That was the average cost globally of a data breach in 2023, according to research by IBM.
An all-time high, and a 15% increase over the last 3 years, the astonishing number was calculated through in-depth analysis of real-world data breaches experienced by 553 organisations globally – including 112 in the Asia and Pacific regions – in the 12 months prior to March 2023.
Alarmingly, only a third of studied breaches were detected by an organisation's own security team. 27% were disclosed by an attacker, and the remainder came from customers, trading partners, law enforcement and other third parties.
Nearly 40% of breaches were compounded by the loss of data across multiple environments including public cloud, private cloud, and on-prem.
IBM recommended company security teams focus on where cyber criminals are most successful and concentrate their efforts on stopping them before they achieve their goals.
This is where an investment in a Secure Managed File Transfer solution has a key role to play. The interception of ad hoc file transfers – for example, email attachments, FTP transfers and other ad hoc methods of moving data within your organisation and between its trading partners – is a key exposure.
A Secure Managed File Transfer solution such as the class-leading GoAnywhere MFT addresses the many risks of these ad hoc approaches through a holistic approach and complementary array of security features.
Authentication & Encryption
Automatically encrypt files on disk using AES 256 encryption
Use Domains to create multiple security zones.
Filter connections with IP blacklists and whitelists (Global and User level).
Block Brute-Force and Denial of Service (DoS) attacks with an automatic IP blacklist.
Authenticate SFTP connections with passwords and/or SSH keys.
Authenticate FTPS and HTTPS connections with passwords and/or SSL certificates.
Ability to accept or reject files with certain extensions.
Run services under non-standard port numbers.
Create and manage SSL certificates, SSH keys, and Open PGP keys through integrated screens.
User Access & Controls
Authenticate users against LDAP, Active Directory (AD), IBM i profiles, RADIUS, RSA SecurID, Google Authenticator, Duo Security, and other IAM (Identity and Access Management) solutions.
Define administrator user permissions for separation of duties.
SAML support for single sign-on and dual factor authentication.
Restrict users to specific home directories and subfolders.
Specify folder level permissions (upload, download, delete, rename, etc.) by user and group.
Restrict user logins to certain days-of-week or times-of-day.
Set password policies and expiration intervals.
Authorise selected services (e.g. FTP, SFTP, FTPS, HTTPS and AS2) to certain users and groups.
Disable user accounts after maximum login attempts.
Disable user accounts automatically after a period of inactivity.
Receive instant notifications on login failures.
Disable anonymous login.
View the active sessions for logged-in users with the ability to terminate (kick) sessions.
Auditing & Reporting
Generate full audit trails of all user events and file activity with reporting.
Generate reports of file transfer activity, user statistics, and completed jobs from within the console.
Feed audit log messages to a central SYSLOG server.
Full Compliance
GoAnywhere MFT secures your sensitive files and transmits data using the latest security standards, keeping your data secure and compliant with regulations, frameworks, and standards, including:
Australia’s Consumer Data Right.
Singapore’s PDPA (Personal Data Protection Act).
PCI DSS, the global data security standard adopted by payment card brands.
The EU’s GDPR (General Data Protection Regulation)
The US’s HIPAA (Health Insurance Portability and Accountability Act) & HITECH (Health Information Technology for Economic and Clinical Health Act).
The US’s FISMA (Federal Information Security Management Act) & NIST (National Institute of Standards and Technology) Cybersecurity Framework.
Canada’s PIPEDA (Personal Information Protection and Electronic Documents Act).
California’s Consumer Privacy Act.
“An ounce of prevention…”
As the old saying goes: “An ounce of prevention is worth a pound of cure”.
To avoid becoming one of the cybercrime victims IBM studies in 2024 😉 please do explore how the world’s leading Managed File Transfer solution, GoAnywhere MFT can bolster your organisation’s Cyberdefences.
Our Business Manager, Bradley Copson (bradley@gensys.com.au), is always happy to have an obligation-free discussion, and can offer you a no-cost trial or Proof of Concept.