A recent study conducted by IBM provides some context to the same old story that you hear in the news of big bad breaches and how scary they are for your business. The Cost of a Data Breach Study by Ponemon
The average cost of a breach increased this year by 6.4%, with the per capita cost rising less, but only barely, by 4.8% (page 3). The cost of a data breach varies greatly by country, with the United States average breach price coming in at $7.91 Million and per capita costing $233. Canada’s per capita cost is the second highest out of the nations surveyed at $202 per record, and their average price of a breach is $4.74 million. Australia’s cost of a breach is less than the US and Canada, but Aussies are far from getting off free. The average cost of a breach down under is $1.99 million and the per capita cost averages at $108 (page 13).
The study also explored the main factors that were found to affect the cost of a breach, stating 5 major contributing factors that could make the difference between a manageable breach vs a mega breach. The loss of customers following a breach, the size of the data breach, the time it takes to identify and contain a breach, management of detection costs and management of the costs following a breach are the factors that most contribute to the cost of a breach (page 7). The time it takes to identify a breach being a major contributing factor to the cost of a breach is particularly important due to the fact that organizations saw an increased time to identify a breach this year. This can be contributed to the ever-increasing severity of malicious attacks companies face and highlight the need for proactive monitoring for breaches, as well as a serious focus on cybersecurity on a management level. That’s why tools such as Dark Web Monitoring that dredge the Dark Web for personal information and credentials can contribute greatly to decreasing the cost of a breach. Organizations that identified breaches within 100 days saved more than $1 Million (page 9) compared to companies who did not. That says a lot because after all… money talks.
*Source: Ponemon Cost of Breach Study 2018
