Font Size: A A A

Case Studies

Data breach study

The average total cost of a breach ranges from $2.2 million for incidents with fewer than 10,000 compromised records to $6.9 million for incidents with more than 50,000 compromised records, according to a study sponsored by IBM Security and run by the US-based Ponemon Institute.

The 13th-annual Cost of Data Breach Study includes two new factors in its analysis that influence data-breach costs: deployment of artificial intelligence (AI) and the extensive use of Internet of Things (IoT) devices. The analysis also includes the cost of a so-called mega breach — an incident resulting in the loss of one million records or more — and the financial consequences of customers losing trust in an organisation.

In this year’s study, the average cost of a data breach per compromised record was $148, and it took organisations 196 days, on average, to detect a breach. Larry Ponemon said: “Overall, we found that the total cost, per-capita cost and average size of a data breach (by number of records lost or stolen) have all increased year over year. Locations that experienced the most expensive data breaches include the U.S., where notification costs are nearly five times the global average, and the Middle East, which suffered the highest proportion of malicious or criminal attacks — the most expensive type of breach to identify and address. Data breaches are less expensive in Brazil and India, where detection, escalation and notification costs rank the lowest.

“There are strategies to help businesses lower the potential cost of a data breach. For the fourth year running, the study found a correlation between how quickly an organisation identifies and contains a breach and the total cost.”

For the first time, this year’s study examined the effects of organisations adopting AI as part of their security automation strategy and the extensive use of IoT devices. AI security platforms save companies money — an average of $8 per compromised record — and use machine learning, analytics and orchestration to help human responders identify and contain breaches. However, only 15 percent of companies surveyed said they had fully deployed AI. Meanwhile, businesses that use IoT devices extensively pay $5 more per compromised record on average.

For more, visit the IBM Security Intelligence Blog.


Andy Norton, director of threat intelligence at Lastline said: “The fact that the cost of breaches has risen so starkly shouldn’t come as a surprise to many. These mega breaches have increased sharply in recent years, and show no signs of slowing. Cybercrime has become increasingly more organised and easy to access, with ransomware-as-a-service and phishing-as-a-service packages readily available on the dark web. These breaches also work as something of a self-fulfilling prophecy, as the stolen data provides a pipeline for future cyberattacks. GDPR will also have help the impact of breaches to be felt more financially, as the fines associated with poor data protection have rocketed. Although these breaches may not be as a direct result of human error, a general lack of security awareness outside of IT or security departments is undoubtedly a contributing factor. A combination of educational initiatives and appropriate spending on cyber defences is the best approach to stemming the flow of data breaches.”

And Pete Banham of cyber security product company Mimecast said: “Whilst not every breach reaches the headlines, businesses must realise that there is a huge impact regardless of its size. In addition to the huge financial costs, the resultant downtime – whether minutes, hours or days – can disrupt productivity and have a significant impact on your brand. Most organisations focus only on prevention but this Ponemon study highlights the clear cost-saving benefits of an incident response team, business continuity management processes and employee training. Together these elements should be part of an organisation’s cyber resilience strategy. This involves prevention coupled with the ability to get back up and running quickly, with minimum disruption and zero data loss in the event of a successful attack.”


Related News