What Physical Security Professionals Can Take from IBM’s Cost of a Data Breach Report 2023
IBM’s Cost of a Data Breach Report 2023 is finally out, and it has important implications for the world of physical security. With key numbers from the report highlighting how costly cybercrime can be, it’s worth taking a look at what the report has to teach physical security professionals about the seriousness of that danger.
Perhaps most importantly, the report found that the average cost of a data breach globally is now $4.45 million (up from $4.35 million last year). The figure is a lot higher for the U.S. – now standing at $9.48 million (up from $9.44 million last year).
For physical security professionals, numbers like those are worth taking note of. For starters, there’s a real risk that physical security devices could be infiltrated by hackers – as happened in the 2021 breach of Verkada, in which footage from roughly 150,000 security cameras was affected. Then there’s the risk that threat actors will carry out on-site data breaches physically – a risk that grows when cameras and other physical security devices are down.
Notably, the new report found that “physical security compromise” accounted for some 8% of data breaches. While these data breaches typically had a slightly lower cost than the global average (“only” $4.10 million, as compared to the global average of $4.45 million), they pose a very serious risk to organizations.
Taking a closer look at the report, we can also see other findings that should concern physical security teams.
The risk of “stolen or compromised credentials”
One of the report’s most important findings for physical security professionals is that 15% of data breaches are carried out using “stolen or compromised credentials.” The only attack vector responsible for more data breaches is phishing, which accounts for a slightly higher 16% of breaches.
That should sound alarm bells for physical security teams, given that physical security devices often come with generic credentials and it’s common for organizations to either leave those credentials in place or rotate them rarely and unreliably.
Meanwhile, the report found that of all types of data breaches, those that rely on “stolen or compromised credentials” take the longest to “identify and contain” – a whopping 328 days.
And while this attack vector is actually responsible for a smaller portion of all data breaches in this year’s report than it was last year (15% in 2023, as compared to 19% in 2022), those breaches are becoming more expensive. Whereas last year’s report listed their average cost as $4.50 million, in the recently published report that figure has risen to $4.62 million.
Steering clear of data breaches by hardening and maintaining physical security devices
It’s not hard to see how those numbers underscore the importance of protecting your organization from the risk that threat actors could hack into your physical security devices. But many organizations still struggle to operationally manage their physical security devices in a way that adequately addresses this risk.
In fact, the U.S. National Cybersecurity Strategy document published earlier this year noted that “many of the IoT devices deployed today are not sufficiently protected against cybersecurity threats.”
Much of the challenge stems from the huge amount of work involved in hardening and maintaining physical security devices manually. Specifically, protecting these devices from major cyber risks requires rotating passwords, upgrading firmware, managing certificates, and replacing devices as they reach their end of life. Given the scale of organizations’ fleets of physical security devices and the wide variety of devices they typically include, performing these steps as necessary is a time-consuming and expensive process. It is also a process rife with chances for human error.
It is common for organizations to find these steps to be too work-intensive to be feasible. As a result, they leave their physical security devices exposed to cyber threats (among other risks).
The need for visibility and automation
Given this challenging situation, visibility plays a vital role in protecting physical security devices from cyber threats and ensuring that they work consistently. Specifically, it is important to monitor those devices around the clock in order to help organizations rapidly detect and address any issues causing downtime. In addition, hardening and maintaining physical security devices properly requires detailed information for each device, including:
- When did this device last have its password rotated?
- How often is it required to have its password rotated?
- What firmware version is this device currently running?
- What is the latest firmware version with which both this device and other related assets (such as a video management system) are compatible?
- Does this device have a certificate – and, if so, when does it expire?
- When will this device reach its end of life?
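Once the answers to these questions sit in an inventory, the checks themselves can be run mechanically. The sketch below is an added example, not code from the original article or from any vendor product; the record fields, the 30-day warning window, the treatment of a missing certificate as a finding, and the sample devices are all constructed assumptions.

```python
from dataclasses import dataclass
from datetime import date, timedelta
from typing import Optional

@dataclass
class Device:                      # hypothetical inventory record
    name: str
    password_rotated: date         # last password rotation
    rotation_days: int             # required rotation interval
    firmware: tuple                # running firmware version
    latest_compatible: tuple       # newest version the device and its VMS both support
    cert_expires: Optional[date]   # None means no certificate installed
    end_of_life: date

def audit(dev: Device, today: date, warn_days: int = 30) -> list:
    """Return the hygiene findings for one device as of `today`."""
    warn, findings = timedelta(days=warn_days), []
    if today - dev.password_rotated > timedelta(days=dev.rotation_days):
        findings.append("password rotation overdue")
    if dev.firmware < dev.latest_compatible:
        findings.append("firmware behind latest compatible version")
    if dev.cert_expires is None:
        findings.append("no certificate")
    elif dev.cert_expires < today:
        findings.append("certificate expired")
    elif dev.cert_expires - today <= warn:
        findings.append("certificate expiring soon")
    if dev.end_of_life <= today:
        findings.append("past end of life")
    elif dev.end_of_life - today <= warn:
        findings.append("end of life approaching")
    return findings

def audit_fleet(devices, today: date) -> dict:
    """Map device name -> findings, omitting devices with nothing to fix."""
    report = {d.name: audit(d, today) for d in devices}
    return {name: f for name, f in report.items() if f}

TODAY = date(2023, 8, 1)           # fixed date so the result is reproducible
FLEET = [                          # constructed sample inventory
    Device("lobby-cam-01", date(2022, 1, 10), 90, (5, 2, 1), (5, 4, 0),
           date(2023, 8, 15), date(2026, 1, 1)),
    Device("dock-cam-07", date(2023, 7, 1), 90, (5, 4, 0), (5, 4, 0),
           date(2024, 6, 1), date(2027, 1, 1)),
    Device("door-ctrl-03", date(2023, 6, 15), 30, (2, 0), (2, 0),
           None, date(2023, 3, 31)),
]

if __name__ == "__main__":
    for name, findings in audit_fleet(FLEET, TODAY).items():
        print(f"{name}: {', '.join(findings)}")
```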
Similarly, automation is a critical tool for any organization to streamline the process of protecting its physical security devices. Gathering all of the information above is a time-consuming process for employees, but it can be performed reliably and efficiently by a comprehensively automated solution for operationally managing physical security devices.
And once all of that information is collected, an automated solution can use those details to carry out critical steps that help organizations keep their physical security devices running reliably and securely.
Achieving enterprise-ready physical security
While it’s unsurprising to see that data breaches have gotten more expensive since last year (continuing the general trend we’ve seen over time), quantifying that trend underscores the importance of following best cybersecurity practices.
With the average cost of data breaches continuing to rise, the new report also reflects the growing importance of achieving enterprise-ready physical security. That means not only maximizing device uptime and boosting efficiency to cut costs, but also hardening and maintaining physical security devices in order to protect them from cyber threats.
And achieving all of those goals requires a combination of comprehensive visibility and automation.
For a deeper dive into what it takes to ensure your physical security devices protect you without exposing your organization to cyber risks, check out The Guide to Enterprise-Ready Physical Security.