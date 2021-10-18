How does all of this help you plan for the future? Let’s learn from the best practices of experts! To mitigate the cost and time to address any cloud data breach, here are three approaches you should be looking into alongside the ones mentioned above:

1. Be particularly cautious during a cloud migration

Whether you are planning a cloud migration to launch a new mobile app or modernize elements of your application estate, the time spent in the planning stage is critical. Migrating to a cloud can be a risky time and, based on our research, is the single biggest factor of whether a cloud data breach occurred at all. Companies with a mature stage of migration experienced shorter windows to identify and contain data breaches. This means that if you are planning to migrate to a cloud environment or if you’re doing so right now, paying extra attention to the number of new users, the number of new tools and processes you might be using and ensuring a sound governance approach is a necessary and solid plan. The average company appears to be using between 26-32 different cloud security tools, just for starters, and more isn’t always the merrier in this case. It might just mean more management.

2. Automate your security and make it more intelligent

Remote working has created more automation over the past few years. Employing security automation and AI tools was associated with a lower average cost of data breach and shorter breach lifecycle. This just makes sense, as security endpoints and data are growing exponentially, while algorithms are becoming better able to find granular issues that typical threshold-based alerting systems might not detect. The 2021 Cost of a Data Breach Report found that organizations with no security AI and automation averaged a hefty cost of 6.71 million USD per breach, whereas an organization with a fully deployed system saw costs averaging 2.90 million USD. The choice of whether to use an AI platform was a leading factor in mitigating costs, with an average cost difference of 1.49 million USD.

3. Take a “zero trust” approach to your cloud stack

Zero trust is an industry framework for managing security in different domains including the network, identity and data. With the recent U.S. executive order calling for it (link resides outside ibm.com), this is becoming a de-facto standard. The 2021 Cost of a Data Breach Report found that a zero trust approach helped reduce the average cost of a data breach by 1.76 million USD, representing a difference of 42.3%.

While the selection and roll-out of such a framework tends to begin in the Chief Information Security Officer’s group, the typical cloud solution architect or cloud team should be shifting now towards a technical assurance posture for their cloud, where they no longer allow only policies or operational assurance to dictate what occurs. Technologies like confidential computing, as part of a zero trust approach, remove the implicit trust that applications place in the underlying software stack and cloud providers, allowing you to modernize operations and embed security into each step of the development cycle to help reduce the cost and impact of a data breach.