The 2018 Cost of a Data Breach Study, sponsored by IBM Security and conducted by Ponemon Institute, found that the average cost of a data breach globally is USD 3.86 million, a 6.4% increase from the 2017 report.
The study calculated the costs associated with “mega breaches” ranging from 1 million to 50 million records lost, projecting that these breaches cost companies between USD 40 million and USD 350 million respectively. In the past five years, the amount of these large data breaches has nearly doubled - from just nine mega breaches in 2013, to 16 mega breaches in 2017.
Another key findings include: the vast majority of these breaches (10 out of 11) stemmed from malicious and criminal attacks (as opposed to system glitches or human error) and the average time to detect and contain a mega breach was 365 days – almost 100 days longer than a smaller scale breach (266 days).
For mega breaches, the biggest expense category was costs associated with lost business. One major factor impacting lost business costs is customer turnover in the aftermath of a breach; in fact a recent IBM / Harris poll report found that 75 percent of consumers in the US say that they will not do business with companies that they do not trust to protect their data.
Having an incident response team was the top cost saving factor, reducing the cost by USD 14 per compromised record, while the use of an AI platform for cybersecurity reduced the cost by USD 8 per lost or stolen record.
Moreover, the analysis found that organizations that had extensively deployed automated security technologies such as machine learning, artificial intelligence saved over USD 1.5 million on the total cost of a breach (USD 2.88 million, compared to USD 4.43 million for those who had not deployed security automation).
Some of these results are confirmed by Vivek Bajaj, Global VP of Solutions for IBM Financial Services that considers businesses can fight money laundering and improve onboarding and KYC processes, by combining AI, cognitive analytics with human expertise.
The study also compared the cost of data breaches in different industries and regions, finding that data breaches are the costliest in the US and the Middle East, and least costly in Brazil and India.
The 2018 Cost of a Data Breach study is based on in-depth interviews with nearly 500 companies that experienced a data breach, and analyses hundreds of cost factors surrounding a breach, from technical investigations and recovery, to notifications, legal and regulatory activities, and cost of lost business and reputation.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now