Insights on remote working from the 2020 Cost of a Data Breach Report

What we used to do occasionally or rarely, has now become the new norm – yes, I’m talking about working from home. The pandemic has pushed people, acquiescent or not, to work remotely. Organizations have adopted remote working models and are getting their teams accustomed to integrating their work online. Naturally, cloud adoption is also intensifying. In such a situation, it isn’t surprising to see a rise in cybersecurity incidents, the most devastating one being data breaches.

A recent article on CNBC claims that data breaches have grown in intensity and frequency in the last few months as cybercriminals take advantage of the coronavirus confusion. Large-scale data breaches increased 273% in the first quarter, compared to the same time last year, according to a new study from cloud computing company Iomart.

To understand the new reality imposed by remote working, Ponemon Institute has added several questions to their research this year to gather the opinions of study participants (belonging to 524 organizations spanning 17 countries and regions as well as 17 industries, that have faced data breaches) on the potential impacts of COVID-19 on the cost of a data breach.

The following are the key insights related to remote working in the 2020 Cost of a Data Breach Report:

  1. Remote work during COVID-19 is expected to increase data breach costs and incident response times

The report sets the average total cost of a data breach at $3.86 million and the average time to identify and contain a data breach at 280 days. 76% of the participants surveyed said that remote work would increase the time to identify and contain a breach, and 70% said that it would also increase the cost of a data breach. Having a remote workforce was found to increase the average total cost of a data breach of $3.86 million by nearly $137,000, for an adjusted average total cost of $4 million.

  1. Adopt a zero-trust security model to help prevent unauthorized access to sensitive data

The report shows that lost and stolen credentials make up the most common root causes of a data breach. As organizations have shifted to incorporate remote work and more disconnected, hybrid multi-cloud environments, a zero trust strategy can help protect data and resources by making them accessible only on a limited basis and in the right context. So, what exactly does zero trust mean?

According to a CSO article, Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. The article goes on to say that defending perimeters is not working, given that some of the most egregious data breaches happened because hackers, once they gained access inside corporate firewalls, were able move through internal systems without much resistance. In such a situation, a zero trust model might just be what is needed.

  1. Misconfigured clouds are a leading cause of breaches

As I’ve mentioned previously, cloud adoption has been a natural consequence of remote working. Unfortunately, the report states that misconfigured cloud servers, alongside stolen or compromised credentials, tied for the most frequent initial threat vector in breaches caused by malicious attacks, at 19%. Breaches due to cloud misconfigurations resulted in the average cost of a breach increasing by more than half a million dollars to $4.41 million.

Ironically, the report also states that undergoing an extensive cloud migration at the time of the breach increased the average cost of a breach by more than $267,000, to an adjusted average cost of $4.13 million. There is pretty much no way for organizations to avoid cloud migration, given that their workforce is now online. The solution wouldn’t be to find ways to avoid it, but to take adequate measures to secure data on the cloud.

  1. Use tools that help protect and monitor endpoints and remote employees

The right data security tools can help provide security teams with deeper visibility into what’s happening across the organization. These tools include techniques that protect sensitive data throughout its lifecycle, starting with data discovery, to data masking, data monitoring, and lastly, data minimization.

In fact, the report states that the impact of security automation on data breach costs has grown over the past three years, as the effectiveness of security automation in reducing the average cost of a data breach continues to grow. Businesses that had not deployed security automation saw an average total cost of $6.03 million, more than double the average cost of a data breach of $2.45 million for businesses that had fully deployed security automation. The $3.58 million savings in average breach costs for companies with fully deployed security automation versus those without deployed security automation grew from a savings of $1.55 million in the 2018 study.

Even though the cost and effort taken to deploy a fully automated security system is high, it is nothing compared to the brunt of facing the cost of a data breach. Organizations should be proactive and take the right measures to protect the data of their remote workforce.


TheMENTIS platformcomprises a comprehensive solution that protects sensitive data along its lifecycle in the customer’s systems - providing capabilities from sensitive data discovery, masking, and monitoring to data retirement. Engineered with unique, scalable architecture and built-in separation of duties, it delivers comprehensive, consistent, and reliable data and application security across various data sources (mainframe, relational databases, unstructured data, big data, on-premise, and cloud).