Data centers are on high alert to protect their valuable assets such as customer data, financial records, and intellectual property as the cost of an average data breach soaring to an all-time high.
“Today, more than 2.5 million quintillion bytes of data are created every day, an immense total that requires every person on earth to produce at least 1.7 MB of data every second,” wrote Tina D’Agostin, CEO of Alcatraz AI, in Forbes. “Data is the fuel powering the platforms and services that facilitate our everyday lives in the digital age. It’s also at risk like never before.”
IBM Security’s annual “Cost of a Data Breach Report” released this summer found that the global average cost of a data breach reached an all-time high of $4.35 million in 2022, an increase of almost 13 percent over two years. The cost for U.S. organizations was more than double at $9.44 million per data breach.
Industry experts argue that the rising cost of these data breaches is essentially creating a “cyber tax” as companies must pass along the expenses of the attacks downstream to consumers and clients.
“It’s clear that cyberattacks are evolving into market stressors that are triggering chain reactions, [and] we see that these breaches are contributing to those inflationary pressures,” IBM Security’s X-Force research team head of strategy John Hendley told Dark Reading. “We have to think about cyber events as factors that are capable of straining the economy, similar to COVID, the war in Ukraine, gas prices, all of that.”
The IBM report found that 83 percent of the organizations studied have had more than one data breach with the four most popular methods allowing bad actors to infiltrate data centers from anywhere in the world including:
The IBM report says that when a data breach occurs via a physical security compromise that it takes, on average, 217 days to identify the breach, and another 63 days to contain the breach for an overall average time of 280 days.
While the focus on digital attacks is well warranted, the fifth most popular avenue of data breach attack was actual physical security compromise, occurring in nearly 1 of 10 attacks with an average global cost of $3.96.
Physical security compromise accounted for a higher percentage of data breaches than:
“It’s easy to fall into a trap where you assume a data breach comes via malware infection, stolen credentials, or a lost laptop. But in the eyes of compliance officers and data breach regulations, it doesn’t matter how a breach occurs. If the data is in any way compromised by an unauthorized source, that means it has been breached,” says Security Intelligence.
The publication says that data center physical security breaches can take several different avenues, including:
“While data servers should have cybersecurity systems and tools in place to prevent data breaches, employees don’t always treat the security of the physical servers with the same high levels of protection,” says Security Intelligence.
Protecting the physical security of your data center extends beyond cyberattacks as you must keep the facility safe from power outages, fires, floods, and other man-made and natural disasters.
“Physical security also means protection from natural disasters. Hackers aren’t the only way your data can be compromised,” said Security Intelligence. “Various systems need to be put in place to proactively manage any type of natural disaster.”
Data center redundancy such as backup sources of power and routine backup of data is important in the event of natural disasters.
When it comes to stopping physical cyberattacks, you can think of your data center in terms of four layers:
The deeper the layer penetrated by a bad actor, the more damage can be done.
Here are some ways to protect your data center in each layer:
“Even as companies migrate most of their data to public clouds, there will always be a need for onsite servers. As long as they hold corporate data, they are at risk of a data breach and require physical security to protect them,” concluded Security Intelligence.