It is getting much harder for businesses to avoid a data breach. According to IBM Security 2022 Cost of a Data Breach Report, approximately 83% of organizations have experienced more than one data breach.

A breach hurts businesses in a number of ways. First, there is the immediate cost of remediating the breach. Then there are the costs of lost productivity, lost customer trust, and lost business. Extensive legal costs and penalties associated with a breach can also be incurred.

The IBM Security report also shows that the cost of a data breach climbed again in 2022. The global cost of one breach is now $4.35 million, up 2.6% from the year before. For U.S. based businesses the cost rises to $9.44 million. In Canada, the average data breach costs companies $5.64 million.

Smaller companies tend to suffer slightly lower costs, but breaches are often more devastating to SMBs since they generally don’t have the same resources that larger companies do to offset or absorb all those costs.

It is estimated that 60% of small companies go out of business within six months of a data breach.

Companies need not resign themselves to the impending doom of a data breach. There are some proven tactics they can take to mitigate the costs. These Cybersecurity practices can limit the damage of a cyberattack.

All these findings come from the IBM Security report. They include hard facts on the benefits of bolstering your cybersecurity strategy. Make sure you heed the advice in the following tips:

1) Adopt a Hybrid Cloud Approach

The most common business use of the cloud is for data storage and business processes. People tend to think, “Oh, it’s in the cloud, so it’s safe.” However, researchers found that 45% of all data breaches happen in the cloud. Security in the cloud is ultimately the user’s responsibility, and often security measures are nullified by cloud misconfiguration. No matter how you go about setting up the cloud, remember that all cloud strategies are not created equally.

Breaches in the public cloud cost significantly more than those in a hybrid cloud. What is a hybrid cloud? It means that some data and processes are in a public cloud, and some are in a private cloud environment, generally based on importance.

What some may find surprising is that using a hybrid cloud approach is also better than going 100% private cloud.

The IBM report shows the average global cost of a data breach for all three cloud models:

Public (many users/clients):                   $5.02 million
Private (one user/client):                       $4.24 million
Hybrid (public and private clouds):         $3.80 million

2) Create an Incident Response Plan & Practice It

An Incident Response (IR) plan is part of a Backup & Disaster Recovery plan. Even the smallest of businesses should have these plans in place. The IR plan is simply a set of instructions. It's for employees to follow should any number of security incidents occur.

Here is an example. In the case of ransomware, the first step should be disconnecting the infected device. IR plans improve the speed and effectiveness of a response in the face of a security crisis.

Having a practiced incident response plan reduces the cost of a data breach. It lowers it by an average of $2.66 million per incident.

3) Adopt a Zero Trust Security Approach

Zero trust is a collection of security protocols that work together to fortify a network. An example of a few of these are:

Multi-factor authentication

Application safelisting

Contextual user authentication

Approximately 79% of critical infrastructure organizations haven’t adopted zero trust, which is a layered approach to security that some feel is cumbersome and inconvenient. Doing so can significantly reduce data breach costs. Organizations that don’t deploy zero trust tactics pay about $1 million more per data breach.  Ask yourself this question:

Is a little inconvenience worth a million dollars?


4) Use Tools with Security AI & Automation

Using the right security tools can make a huge difference to the cost incurred during a data breach. Tools that deploy security AI and automation in the event of a breach brought the biggest cost savings.

Data breach expenses are lowered an average of 65.2% thanks to security AI and automation solutions. These types of solutions include tools like advanced threat protection (ATP). They can also include applications that hunt out threats and automate the response. Any decent Managed Services Provider (MSP) will have these tools in place – it saves you money and it saves them a headache.

How do you build cybersecurity resilience?

The preceding tips on how to contain and lower data breach costs are simply best practices. You can get started by taking them one at a time and rolling out upgrades to your overall security strategy.

Working with a trusted Managed IT Services provider, create a security and defense roadmap. Address the ‘low-hanging fruit’ first. Then, move on to longer-term projects.

As an example, ‘low-hanging fruit’ would be putting Multi-Factor Authentication (MFA) in place. It’s low-cost and easy to initiate. It also significantly reduces the risk of a cloud breach.

A longer-term project might be creating an Incident Response plan at least, and a Backup & Disaster Recovery plan at best – IF you don’t already have them. Then, you would set up a schedule to have your team drill on the plan regularly. During those drills, you could work out any kinks and make improvements.

Frequently Asked Questions

Q: What makes a good backup?

A:  Use the 3-2-1- rule: three copies of data, two local (on different devices), and one off-site.

Backup types:
Local Backup
Cloud Backup
Cloud to Cloud Backup

Q: What are examples of multi-factor authentication?

A: MFA is based on three authentication types:
1) Things you know (password, PIN, security questions etc.)
2) Things you have: (badge/security pass, smartphone for SMS codes etc.)
3) Things you are: (biometric – fingerprint or retinal scan etc.)

Q: What is the concept of zero trust?

A: Zero Trust is a security framework which requires all users, inside or outside the organization's network, to be authenticated, authorized, and continuously validated before being granted or keeping access to applications and data. This does not give executive management a pass, as has been the practice in many organizations. CEOs can be hacked just like anybody else.

Q: How are AI and automation related?

A: The majority of automation uses traditional software to move data from one place to another. The difference between AI and automation is that AI aims to simulate human thinking. Put another way; automation works with data, somewhat like a drone, whereas AI 'understands' data.

How secure is your network?

As a reputable member of the IT Support Los Angeles community since 2002, IT Support LA offers a FREE, no-risk network and security assessment. It is a non-intrusive scan that allows us to deliver a comprehensive report that is yours to keep. No strings, and no obligation to ever use our Managed IT Services.

The best defense is the best Cybersecurity to protect your data from theft, and a top-notch Managed Services Provider (MSP) to ensure continued reliability and defenses against newly emerging threats.

With our 100% Money Back Guarantee in writing, we offer a risk-free way for prospective clients to try us out. Because we do not require a ‘hard’ contract, our clients can fire us at any time with 30 days’ notice. We have to be good.

Among the Managed IT services we provide:

IT HelpDesk Service
Onsite IT Support
Cloud migration and management
Email migration services
Backup and disaster recovery
VoIP phone systems
IT disposition and recycling
Office moves
White label services (IT to IT)

Need Help Improving Your Security & Reducing Risk?

Working with a trusted IT partner takes a lot of the security burden off your shoulders. Give us a call today to schedule a chat about a Cybersecurity roadmap. We can also perform our FREE Network and Cybersecurity assessment.

IT Support LA an award-winning Managed Services Provider (MSP):
o  3 Years awarded Best IT by the Small Business Expo
o  Awarded 2nd best company of any type in the US by the Small Business Expo SB100
o  Awarded Best IT in California by Channel Futures
o  Winner of Best IT Support in Los Angeles 2021 by Channel Futures
o  Listed as one of the world’s Top 501 Managed Services Providers by CRN and in the top 250 in the   ‘Pioneer’ listing
o  4 years listed as one of the Top 501 MSPs in the World by Channel Futures
o  Globee 2021 Bronze Award winner for Chief Technology Officer of the Year
o  Globee 2022 Gold Award winner for Chief Technology Officer of the Year
o  Named one of 2022’s 50 ‘Best’ businesses in California by UpCity
o  Named Best of IT Services winner for 2021 by UpCity
o  Winner of Local Excellence Award for 2021 by UpCity
o  Named Best of Cloud Consulting winner for 2021 by UpCity
o  Certified as Top MSP and Cybersecurity Pro for 2021 by UpCity
o  Named Best IT Support in Los Angeles for 2021 by

For more information, or to receive your FREE no-risk network and Cybersecurity assessment, just fill out the form on this page or call us at: