What is the Cost of a Data Breach?


cost of a data breach

It is critical for small business owners to protect confidential data proactively because the average cost of a data breach is huge. And in a worst-case scenario, data breach incidents can force businesses to be defunct as well. In this post, you will learn – what is the cost of a data breach and what you can do to cut down the cost.

Let’s explore:

Where do the Data Breach Reports Come From?

Some companies prepare data breach reports each year to help understand various aspects of data breach incidents.

Here are the top three reputed resources for data breach reports:

  • IBM The Cost of Data Breach Report

Sponsored by IBM Security, The Cost of Data Breach Report features research independently done by Ponemon Institute annually. In this report, the institute studies companies impacted by data breaches worldwide.

  • Verizon Data Breach Investigations Report

Each year, Verizon Data Breach Investigations Report explains data-driven, real-world views on what commonly befalls companies with regard to cybercrime. This data breach study offers many actionable insights to beef up your cybersecurity.

  • ForgeRock Consumer Identity Breach Report

If you want to look at how data breaches affect consumers across various reasons and industries, ForgeRock Consumer Identity Breach Report is the right resource. The report also offers insights into how one can strengthen cybersecurity to stay protected from attacks.

Data Breach Costs Key U.S. Findings

Data breaches often have long-term impacts on businesses. In addition to the cost of loss of data and regulatory fines, data breaches also have indirect costs, including employee turnover, lost revenue, customer turnover, negative search results, etc.

The following are key findings pertinent to data breach cost:

This is the average cost of data breaches.

The average global cost of a data breach reached $4.35 million, according to IBM’s data breach report. This marks an all-time high, reflecting a 2.6% increase from the previous year.

If you’re wondering about the average total cost of a data breach in the US, it stands at $9.44 million. This figure represents the highest average cost of a breach worldwide.

These are the most costly types of data breaches.

Do you want to find out the average cost of a data breach for different industries? Take a look at the data from the IBM report below:

  • Health care industry (10.10 million)
  • Financial industry (5.97 million)
  • Pharmaceuticals ($5.01 million)
  • Technology ($4.97 million)

The healthcare industry has the highest data breach costs, and the public sector has the lowest costs.

“Smishing” is one of the biggest emerging data breach threats

Smishing, a type of phishing that relies on text messages to induce users to reveal sensitive data, is emerging as one of the most significant data breach threats.

According to a Proofpoint report, smishing attacks targeting US users doubled. Furthermore, data from the Federal Trade Commission (FTC) revealed that 378,119 SMS-related fraud reports were filed during that time.

Double checking messages that create a sense of urgency or fear, avoiding clicking suspicious links, and contacting banks and other authorities directly for account-related issues are some effective ways to protect from smishing attacks.

These industries are the main data breach victims.

Here are industries that are the main data breach victims, according to the Verizon Data Breach Investigations Report:

  • Finance
  • Professional
  • Healthcare industry
  • Public administration

Why paying the ransom isn’t always a good idea.

After threat actors have encrypted data in a ransomware attack, business owners often consider paying the ransom. In fact, 53% of companies opt to pay for ransom. However, paying money isn’t always a good option. This is because paying threat actors encourages them to target more businesses And there is no guarantee that you will get full access to your data after the payment.

Uber paid hackers $100,000 to delete the compromised data but eventually spent $148 million in the final settlement.

 These top factors contributed the most to data breach costs.

The longer a breach goes undetected, the more time threat actors will have to exfiltrate/encrypt data. So it is no surprise that a shorter data breach lifecycle (time passed between the first detection of the breach and its containment) links with lower data breach costs.

A data breach lifecycle of 200 days or less was associated with an average global cost of $3.74 million. However, when the breach lifecycle extended beyond 200 days, the average cost rose to $4.86 million.

This is the cost of a data breach for each record.

The IBM data breach report shows that the average cost of a data breach per record is $164 globally, marking a 1.2% increase from the previous year.

Remote work is more susceptible to data breaches.

Having remote workforces increases the costs of data breaches. According to the IBM data breach report, companies having more than 80% remote workforces pay $5.10 million in average data breach costs.

This is the typical duration of a breach lifecycle.

The IBM report reveals that the average data breach lifecycle lasted 277 days. In a previous year, it took an average of 212 days to identify a breach and 75 days to contain it, resulting in a 287-day lifecycle. The longer a data breach persists, the higher its associated costs tend to be.

Small businesses are heavily impacted when a data breach occurs.

Small businesses are significantly affected by data breaches. In fact, 28% of data breaches have involved small businesses, according to the DBIR. A data breach incident can lead to higher costs for products and services. According to an IBM report, 60% of organizations experience price increases as a result of breaches.

 

11. Want to cut down on the cost of a data breach? Do this.

Implementing security AI and automation, having an incident response team, focusing on risks, and adopting a zero-trust model can cut down on the cost of a data breach.

Here are findings from the IBM report on data breach cost to prove it:

  • Fully deployed security AI and automation reduced average data breach cost by 65%
  • Organizations with incident response capabilities were able to reduce the overall cost of a data breach by 58%
  • Companies that prioritize risks, threats, and impacts using risk qualification techniques saw an average data breach cost that was 48% lower.
  • Companies that deployed the zero-trust model paid 20% less than the average data breach cost

Conclusion

Now that you know – what is the cost of a data breach? It is time to strengthen your data security to protect customer data or any other kinds of sensitive data from any potential data breach.

READ MORE: 

Image: Envato Elements


More in:

Leland McFarland Leland McFarland is the Chief Technology Officer at Small Business Trends. He is responsible for all technical aspects of the Small Business Trends network of websites. Leland is responsible for programming, design and maintenance of the sites, as well as server administration. He has performed work for Small Business Trends since 2010.