The odds that your organization will suffer a data breach are not just higher than ever. They are more expensive than ever.
A recent report from Kaspersky Lab and B2B International, for instance, estimates that the full impact of a data breach now amounts to $1.3 million for large companies in the U.S., compared with $1.2 million in 2016.
A report conducted by the Ponemon Institute, whose recent annual survey took a more global look, found a 27.7 percent likelihood of a company sustaining a recurring material data breach over the next couple of years.
Ponemon’s report, which surveyed 419 companies in 13 regions around the world, also offered new insight into the extent of the financial havoc that malicious hackers inflict on their victims. Consider these revealing data points:
Clearly, there are any number of direct and indirect costs – ranging from legal fees to lost customer records to employee and company downtime – that your organization will be forced to absorb following a data breach.
... businesses can help their cause by preparing cyberdefenses for the inevitable
How much you’ll wind up paying will vary according to industry, geography, and the size of the data loss. But when it comes to tallying up the final tab, here’s what will loom large in shaping the calculation:
Response time means everything.
The Ponemon report found a clear link between how long it took to identify and contain a data breach and the final cost to the organization. On average, breach containments that take more than 30 days cost about $1 million more than those that take less than 30 days.
Where you set up shop matters.
The average per capita cost of a data breach in the U.S., and Canada was the highest among the surveyed nations at $225 and $190, respectively. On the opposite end of the spectrum, the least expensive regions were in Brazil and India at $79 and $64, respectively.
While the average global cost of a data breach per lost or stolen record was $141, some industries get hit harder than others.
For instance, healthcare organizations ranked No. 1, incurring an average cost of $380. The other top targets were financial services at $245 and media at $119. By contrast, the public sector had the lowest average cost per lost or stolen record at $71.
But let’s finish on a more optimistic note. Organizations that draw up incident response plans will be able to more quickly identify what’s happened, what the attacker has access to, and how to contain and remove that access.
Indeed, there’s modest progress to report; according to Ponemon, the number of days companies needed to identify data breaches fell from an average of approximately 201 last year to 191 days. Also, the average number of days it took to contain data breaches dropped from 70 to 66 days.
Look at it another way: While data breaches are becoming more widespread, businesses can help their cause by preparing cyberdefenses for the inevitable. So, when an attack finally comes, they will be in a far better position to limit the resulting expenses to just another cost of doing business.
Learn more about protecting your business in AT&T Cybersecurity Insights, Volume 6: "Mind the Gap: Cybersecurity’s Big Disconnect."
In this invaluable report, you'll read about the troubling disconnects that have emerged between today's cybersecurity threats and organizations' countermeasures, as well as what you can do to help strengthen your defenses and reduce risk.
Learn how your business can fill the gaps and help strengthen its defenses in this free, interactive report: “Mind the Gap: Cybersecurity’s Big Disconnect.”
Share this with others
READ MORE ARTICLES ON:
Sign up for the AT&T Business newsletter
Your feedback will help us to improve AT&T Business so you continue to have a great experience when visiting us!
This survey is conducted by an independent company ForeSee for AT&T.
Yes, I’ll give feedback!
Please provide the following information to access your document:
* To access your content, please check your browser settings to make sure pop-up windows are allowed.