IBM Security announced the results of a global study which examined the full financial impact of a data breach on a company’s bottom line.
The research, which was jointly conducted by the Ponemon Institute and IBM Security, found that data breaches are continuing to be even more costly.
Over the past few years, data breaches have hit major tech companies including Facebook and Uber.
In its ‘2018 Cost of Breach Study’, the average cost of a data breach is $3.86 million (£2.9 million), an increase of 6.4 percent from the 2017 report.
How Much Does a “Mega Breach” Cost?
For the first time in the ‘Cost of Breach Study’, it calculated the costs associated with mega breaches.
These mega breaches ranged from a million to 50 million records being lost, costing companies between $40 and $350 million (£30 and £264 million).
Wendi Whitmore, Global Lead for IBM X-Force Incident Response and Intelligence Services mentioned the indicated figures are varied and only focus on a few specific costs that are “easily quantified”.
Whitmore said: “The truth is there are many hidden expenses which must be taken into account, such as reputational damage, customer turnover, and operational costs.
“Knowing where the costs lie, and how to reduce them, can help companies invest their resources more strategically and lower the huge financial risks at stake.”
What Industries Have Higher Data Breach Costs?
Within the study, highly regulated industries such as healthcare and financial services per capita data breach cost were higher than the overall mean.
Healthcare had the highest overall mean per capita for data breach costs at $408 (£307) with financial services in second place at $206 (£155).
In comparison, public sector, research and media per capita costs for data breaches were well under the overall mean value.
Public and research were the lowest industries for data breach spending at $75 (£56) and $92 (£69) respectively.
Dr Larry Ponemon, Chairman and Founder of Ponemon Institute added: “While data breach costs have been rising steadily over the history of the study, we see positive signs of cost savings through the use of newer technologies as well as proper planning for incident response, which can significantly reduce these costs.”
This article is from the CBROnline archive: some formatting and images may not be present.