Turbotodd

Ruminations on tech, the digital media, and some golf thrown in for good measure.

IBM & Ponemon Institute: Cost of Data Breaches Dropped 10 Percent Globally In 2017


IBM Security has announced the results of a global study exploring the effects of data breaches on business.

Sponsored by IBM Security and conducted by Ponemon Institute, the study found that the average cost of a data breach is $3.62M globally, a 10 percent decline from 2016.

This is the first time since the global study was created that there has been an overall decrease in the cost. According to the study, these data breaches cost companies $141 per lost or stolen record on average.

Analyzing the 11 countries and two regions surveyed in the report, IBM Security identified a close correlation between the response to regulatory requirements in Europe and the overall cost of a data breach.

According to the 2017 Cost of Data Breach Study: Global Overview, “compliance failures” and “rushing to notify” were among the top five reasons the cost of a breach rose in the U.S. A comparison of these factors suggests that regulatory activities in the U.S. could cost businesses more per record when compared to Europe.

For example, compliance failures cost U.S. businesses 48 percent more than European companies, while rushing to notify cost U.S. businesses 50 percent more than European companies. Additionally, U.S. companies reported paying over $690,000 on average for notification costs related to a breach — which is more than double the amount of any other country surveyed in the report.

Some additional findings from the report:

  • By Industry, Healthcare Breaches Most Costly: For the seventh year in a row, healthcare has topped the list as the most expensive industry for data breaches. Healthcare data breaches cost organizations $380 per record, more than 2.5 times the global average across industries ($141 per record).
  • Top Factors Increasing Cost of a Breach: The involvement of third parties in a data breach was the top contributing factor that led to an increase in the cost of a data breach, increasing the cost by $17 per record. Organizations need to evaluate the security posture of their third-party providers – from payroll to cloud providers to CRM – to ensure the security of employee and customer data.
  • Top Factors Reducing Cost of a Breach: Incident response, encryption and education were the factors shown to have the most impact on reducing the cost of a data breach. Having an incident response team in place resulted in a $19 reduction in cost per lost or stolen record, followed by extensive use of encryption ($16 reduction per record) and employee training ($12.50 reduction per record).
  • Positive Impact of Resiliency Orchestration: Business continuity programs are significantly reducing the cost of a data breach. The overall average data breach cost per day is estimated at $5,064 in this year’s study. Companies that have a manually operated Disaster Recovery process experienced an estimated average cost of $6,101 per day. In contrast, companies deploying an automated Disaster Recovery process that provides resiliency orchestration experienced a much lower average cost per day of $4,041. This represents a net difference of 39 percent (or a cost savings of $1,969 per day).

You can download the full study results here.

Written by turbotodd

June 21, 2017 at 8:24 am
