4 Practices that reduce data breach costs

A photo of a man's hands as he types code on a laptop.

No business wants to suffer a data breach. But unfortunately, in today’s environment, it’s challenging to avoid breaches altogether. Approximately 83% of organizations have experienced more than one data breach.

However, companies don’t need to resign themselves to the impending doom of a data breach. Some tactics are proven to mitigate the costs of a data breach. In addition, these cybersecurity practices can limit the damage of a cyberattack.

For over 25 years, WEBIT Services has helped hundreds of clients build effective, framework-driven security and reduce risk.

By reading this article, you will learn how security breaches can damage businesses and four security practices that can help you minimize the effectiveness and costs of a security breach.

How security breaches hurt businesses

These breaches hurt businesses in many ways. First, there is the immediate cost of remediating the breach. Then, there are the lost productivity costs. A company could also have extensive legal fees associated with a security breach. In addition, breaches often lead to a damaged reputation and loss of customer trust.

The global cost of one breach is now $4.35 million, up 2.6% from last year. If your business is in the U.S., that number rises to $9.44 million.

While the cost may be lower, breaches are often more devastating for small to medium-sized businesses (SMBs) because they lack the resources of larger companies to offset the cost of a breach.

An estimated 60% of small companies go out of business within six months of a cybersecurity breach.

Companies don’t need to resign themselves to the impending doom of a data breach. There are some proven tactics they can take to mitigate the costs. These cybersecurity practices can limit the damage of a cyberattack.

4 Cybersecurity Tactics to Reduce the Impact of a Breach

1. Use a hybrid cloud approach

Most organizations use the cloud for data storage and business processes. For example, researchers found that 45% of all data breaches happen in the cloud. All cloud strategies are not created equally.

Breaches in the public cloud cost significantly more than those in a hybrid cloud. A hybrid cloud divides data and processes between public and private cloud environments. This approach has proven better than using only a private cloud.

A graph of cloud breach costs

Graph from: IBM Security/Ponemon Institute 2022 Cost of a Data Breach Report

2. Create an incident response plan

An incident response plan is a set of instructions for employees to follow if cybersecurity incidents occur.

For example, in the case of ransomware, the first step should be disconnecting the infected device.

Incident response plans improve the speed and effectiveness of a response in the face of a security crisis.

Having a practiced incident response plan reduces the cost of a data breach by an average of $2.66 million per incident.

3. Adopt a zero trust security approach

Zero trust is a collection of security protocols that fortify a network. An example of a few of these are:

Adopting a zero trust approach can significantly reduce data breach costs. Organizations that don’t deploy zero trust tactics pay about $1 million more per data breach.

4. Use tools with security AI and automation

Using the right security tools can significantly affect the cost incurred during a data breach. Security AI and automation brought the most savings.

Data breach expenses lowered by 65.2% thanks to security AI and automation solutions. These types of solutions include tools like advanced threat protection (ATP). They can also include applications that hunt out threats and automate the response.

Next steps to improving your cyber resilience

Many of these ways to lower data breach costs are simply best practices.


Create an IT roadmap with your IT provider or internal IT team. Address the “low-hanging fruit” first. Then, move on to longer-term projects.

For example,  putting multi-factor authentication in place is considered a “low-hanging fruit.” This is because it’s low-cost and easy to apply. It also significantly reduces the risk of a cloud breach.

A longer-term project might be creating an incident response plan. Then, you would set up a schedule to have your team drill on the plan annually to test its effectiveness.

Talk with your IT provider or team to verify that you have the four recommended practices in place to reduce the cost of a data breach. These practices include:

  1. Use a hybrid cloud approach
  2. Create an incident response plan
  3. Adopt a zero trust security approach
  4. Use tools with security AI and automation

Your IT provider or team can help you select and implement these tools and practices to protect your business better.

WEBIT Services is passionate about helping clients define their acceptable risk levels and reach their cybersecurity goals. We believe education and knowledge are the first steps in building effective cybersecurity practices.

If you’re looking for a new IT provider, schedule a 30-minute consultation to see if WEBIT Services might fit your company.

If you’re not ready to make a commitment but want to learn more about IT security, we recommend the following articles: