RETURN TO MAIN BLOG
The answer ultimately depends on the country and industry but in general, can span anywhere from $1.25 million to $8.19 million.
It’s difficult to get a proper grip on cybersecurity by the numbers, especially when every other day brings news of a new breach, many which see millions upon millions of records exposed.
The latest number – one that’s a safe bet to change in a few months from now, if not sooner – is $3.9 million.
That’s the average cost of a data breach currently, a figure that’s up 1.5 percent from the year prior and factors into a 12 percent increase over the past five years.
The statistic, per IBM and the Ponemon Institute’s annual “Cost of a Data Breach” report, will likely be one of the most cited, the rest of the year, across the cybersecurity landscape, when it comes to putting a price tag on the costs associated with a breach.
The report, which clocks in at 77 pages this year, aggregates costs reported by 507 organizations, from 17 industries, from 16 regions: United States, India, the United Kingdom, Germany, Brazil, Japan, France, the Middle East, Canada, Italy, South Korea, Australia, Turkey, ASEAN, South Africa, and, Scandinavia. Through interviews with 3,211 individuals, IBM and Ponemon collected data points regarding the number of customer records lost or stolen in breaches, how the company responded to the breach, and how their business fared after the breach. The report, released last week, is in its 14th year.
According to the report, data breaches cost companies surveyed in the report $150 per record. Perhaps unsurprisingly, that number is up over last year’s figures, which put the average cost of each record at $148, up from $141 in 2017.
Can Factors Detract From the Cost of a Data Breach?
The report thoroughly breaks down every angle of a data breach and at one point, digs into how having mitigations in place, like an incident response team or encryption, can reduce the cost of a breach. According to IBM/Ponemon, by having both in place a company could potentially reduce the cost of a breach by $720,000.
According to the report, companies that had security automation technologies deployed experienced around half the cost of a breach ($2.65 million on average) compared to those that did not have these technologies deployed ($5.16 million average). Specifically, companies that have an incident response team and build on that team by performing periodic incident response plan testing proved beneficial too; companies that do both could save $1.23 million per data breach on average, according to the report.