According to an IBM report, a data breach can cost $3.86 million. Here are the main factors.
The average global cost of a data breach is $3.86 million, which is a 6.4% increase from 2017, according to a Wednesday report sponsored by IBM Security and conducted by Ponemon Institute.
Based upon detailed interviews with nearly 500 data-breached companies, the report studied hundreds of overlooked expense factors associated with a breach—including technical investigations and recovery, legal and regulatory activities, notifications, and loss of business and reputation, said IBM's press release.
The Ponemon Institute isn't new to data breach research, examining data breaches of less than 100,000 records for the past 13 years. In their research, they found that data breach costs have steadily increased over the course of their studies, the release noted.
SEE: IT leader's guide to cyberattack recovery (Tech Pro Research)
The amount of time it takes to find a data breach, investments in technology that expedite response time, and lost or stolen records impact data breach costs severely, said the release. Response time is crucial, with companies saving over $1 million upon finding the breach in less than 30 days, said the release. Companies lost an average of $148 per lost or stolen record, which supports the need to find a breach quickly, continued the release.
IBM and Ponemon Institute also included the first ever calculations of full mega breach costs. According to the press release, a mega breach is a data breach with over 1 million lost records. After analyzing 11 companies that recently experienced a mega breach, the study found that a data breach of 1 million records lost cost $40 million; reaching 50 million records, the approximate total cost is $350 million. The report outlines the main reason for such high costs: Lost business.
On the bright side, the research found that security automation tools are working. The research studied organizations' use of machine learning, artificial intelligence, analytics, and orchestration to identify and contain breaches. Companies that extensively used automatic security tech saved over $1.5 million on the total of a breach, said the release.
The big takeaways for tech leaders:
- Data breaches have steadily increased over the past decade, mainly due to slow response time and lost records, according to a report conducted by Ponemon Institute .
- While mega breaches and normal data breaches are at an all-time high, security automation tools are effective in lessening the overall cost, Ponemon's research claims.
- Defending your data from notifiable data breaches (TechRepublic)
- Ticketmaster breach was part of a larger credit card skimming effort, analysis shows (ZDNet)
- Cheat sheet: How to become a cybersecurity pro (TechRepublic)
- Timehop database hack sees 21 million users' data stolen (CNET)
- Cyberoam Endpoint Data Protection (Download.com)