Calculate the risk

Posted on Jun 17 2017 - 8:30am by Editorial Content

The 11th annual Cost of Data Breach Study, independently conducted by Ponemon Institute and sponsored by IBM, found that the average total cost of a data breach for the 383 companies that participated, increased from $3.79 to $4 million. The average cost paid for each lost or stolen record containing sensitive and confidential information increased from $154 in 2015 to $158 in this year’s study.

The global study looked at the likelihood of a company having one or more data breach occurrences in the next 24 months, estimating a 26 per cent probability of a material data breach involving 10,000 lost or stolen records.

Seven global megatrends

1 The cost of a data breach has not fluctuated significantly, suggesting it is a permanent cost organisations need to be prepared to deal with and incorporate in their data protection strategies.

2 The biggest financial consequence of a data breach is lost business.

3 Most data breaches continue to be caused by criminal and malicious attacks. These breaches take the most time to detect and contain and as a result, have the highest cost per record.

4 Organisations recognise that the longer it takes to detect and contain a data breach the more costly it becomes to resolve. Over the years, detection and escalation costs have increased. This suggests investments are being made in technologies and in-house expertise.

5 Regulated industries, such as healthcare and financial services, have the most costly data breaches because of fines and the higher than average rate of lost business and customers.

6 Improvements in data governance programs will reduce the cost of data breach. Incident response plans, appointment of a CISO, employee training and awareness programs and a business continuity management strategy, continue to result in cost savings.

7 Investments in certain data loss prevention controls and activities such as encryption and endpoint security solutions are important for preventing data breaches. This year’s study revealed a reduction in cost when companies participated in threat sharing and deployed data loss prevention technologies.

By numbers

383 companies in 12 countries

$4 million is the average total cost of data breach

29% increase in total cost of data breach since 2013

$158 is the average cost per lost or stolen record

15% increase in per capita cost since 2013