IBM in association with Ponemon Institute has reported that single data breach cost has reached to $3.79 million which is a 23% rise. The report also suggests that the per-record cost of a data breach reached to $154 this year, a 12% increase from last year’s $145.
Loss of business was significant, and growing, part of the total cost of data breach. As per the report status, higher customer turnover, increased customer acquisition costs, and a hit to reputations and goodwill added up to $1.57 million per company, up from $1.33 million from the previous years.
The Ponemon Institute report was prepared after analyzing the results from 350 companies in 11 countries, each of which had suffered a breach over the past year.
Data Breach costs varied for different countries. For example the US had highest per-record cost of $217 and was followed by Germany at $211. India and other Asian countries cost per breach was termed at $56 per record.
When the results were sorted as per the industry, the highest costs were in the healthcare industry, at an average of $363 per record.
The following are the factors which influenced the breach costs-
- Unavailability of an incident response team paved way to data breaches in a company. And if these teams were present ahead of a data breach, a cost reduction on per-record cost by $12.60 can be observed.
- Using encryption extensively reduced costs by $12 and employee training regarding data breaches and their impact on business can reduce the costs by $8.
- If in case, a business continuity management personnel were part of the incident response team, costs fell by $7.10.
- CISO leadership lowered costs by $5.60 and board involvement cot down costs by $5.50.
- Cyber insurance presence which is now on great demand in IT sector has also sneaked into the report. The Ponemon Institute report said that by presence of cyber insurance cut down in costs by $4.40 can be observed.
Factors that increased costs were the need to bring in outside consultants, which added $4.50 per record. If there were lost or stolen devices, costs increased by an average of $9 per record.
And the single biggest factor which increased costs was if a third party was involved in the cause of a breach. That increased costs by $16, from $156 to $170 as reported in the first paragraph.
IBMs data breach report prepared in association with Ponemon Institute found that cost rise in this segment was directly proportional to time. It justified this concept by adding a few instances which are as follows-
- It was found in their study that it took respondents 256 days on an average to spot a breach caused by a malicious attacker, and 82 days to contain it.
- Breaches caused by system glitches took 173 days to spot and 60 days to contain.
- And those caused by human error took an average of 158 days to notice, and 57 days to contain.
For more details click on IBM Data Breach report 2015
storageservers.wordpress.com 