IBM has released its latest “Cost of a Data Breach Report,” providing detailed insights into the financial impact of data breaches. Compiled by the Ponemon Institute and based on responses from over 3,200 security experts and consultants from 500 organizations worldwide, the report offers a comprehensive analysis of the information security landscape. The report reveals that the average global cost of a data breach is USD $3.86 million (AUD $5.3 million), and it takes an average of 280 days to identify a breach. The authors state that detecting a breach within 200 days could save up to USD $1 million.
Attack vectors such as ransomware attacks, stolen or compromised credentials, and misconfigured networks were identified as costly additions to damage costs, with business email compromises (BEC) being the most expensive cause of a data breach due to the resource-intensive nature of the clean-up process.
How Much Does a Data breach cost
The “Cost of a Data Breach Report” also reveals the cost of data breaches in Australia. According to the report, the average cost of a data breach in Australia is AUD $3.35 million, with compromised credentials being the most common cause. The report states that 80% of data breaches resulted in customer data being accessed by an unauthorized third-party, leaving organizations liable to further punitive measures from regulators. In addition, the report shows that the COVID-19 pandemic has impacted the cost of data breaches, with remote working increasing the time taken to identify a breach and adding an extra cost of AUD $137,000 per breach.
The True cost of data breaches
The true cost of a data breach is not just financial; it can also result in reputational damage and loss of trust from customers. The report highlights that organizations with an information security management system or similar were spared millions of dollars in further damages in the aftermath of a data breach. On average, the cost of a data breach for organizations without an incident response plan or dedicated team is AUD $5.2 million, compared to just AUD $2 million for organizations with an information security plan and specialist team. The report emphasizes the importance of data protection and being proactive and prepared when it comes to cyber risks.
ORGANISATIONS WITH AN INFORMATION SECURITY MANAGEMENT SYSTEM OR SIMILAR WERE MILLIONS BETTER-OFF.
Authors of the report made it clear that organisations that were proactive and prepared when it came to cyber risks were spared millions of dollars in further damages in the aftermath of a data breach. On average, costs associated with a data breach for organisations with neither an incident response plan or dedicated team are said to be $5.2 million, compared to just $2 million for organisations with an information security plan and specialist team.
“When it comes to businesses’ ability to mitigate the impact of a data breach, we’re beginning to see a clear advantage held by companies that have invested in automated technologies,” Wendi Whitmore, Vice President of IBM’s X-Force Threat Intelligence said.
“At a time when businesses are expanding their digital footprint at an accelerated pace and the security industry’s talent shortage persists, teams can be overwhelmed securing more devices, systems and data. Security automation can help resolve this burden, not only supporting a faster breach response but amore cost-efficient one as well.”
