The Colonial Pipeline Ransomware: Know Where Your Key Data Lives, Decrease Your Threat Footprint

TransPerfect Legal

The Colonial Pipeline ransomware attack was the largest in the energy sector to date, and with cybercrimes up 100% from 2019 to 2020, this is only the beginning for 2021. Many organizations are undergoing a digital transformation by moving to the cloud, thereby creating a more connected world; the problem is that this connectivity has also created an opening for cyber criminals to compromise these systems and demand ransom payments.

While the US Department of the Treasury has deemed paying ransomware demands a violation of OFAC regulations, attacks like the one on Colonial Pipeline put an organization in a very difficult dilemma. By not paying, you could be doing more damage (e.g., rising gas prices) to your organization long term. For example, the City of Baltimore was hacked in May of 2019 and decided not to pay the ransom of 13 bitcoins, which at the time equated to roughly $91,000. It was a noble move, but not a financially successful one, as Baltimore ended up spending more than $18 million on recovery.

IBM states the average time to identify and contain a breach is 280 days, and the average breach costs $4 million. This says two things:

  1. Organizations must find ways to become more resilient and responsive, and
  2. You can limit your threat profile by minimizing your data footprint. Eighty percent of most organizations’ data is redundant, obsolete, or trivial (ROT), meaning it has no business, legal, or regulatory value.

Introspec eliminates ROT, identifies PII (personally identifiable information) and PHI (protected health information), and reduces your data footprint by 50%. By decreasing your threat footprint, you not only eliminate the effects of a breach, but you’re also able to put risk mitigation and remediation strategies in place that protect you. In the Colonial Pipeline attack, for example, the attackers downloaded 100 gigabytes of corporate data and then encrypted the original data on the network. Take an average cost per corporate record of $150 and a total record count of 26,000. If this data had been identified, remediated, and encrypted beforehand using Introspec, adjusting the count by 50% to 13,000 records, the total cost savings would’ve been close to $2 million.
