The recently released Ponemon Institute Cost of Data Breach Study contains some concerning findings on data breaches that business executives need to be aware of and act on by implementing a stronger security stance before it’s too late. Not only have breach costs increased, but companies are still falling short when it comes to implementing the risk management components needed to protect their data and environment.

Furthermore, with the average total cost of a data breach increasing 15% in the last year to $3.5 million, and the cost incurred for each lost or stolen record containing sensitive and confidential information increasing more than 9% to $145 per record, implementing a strong security posture won’t be enough. Executives need to get more involved in breach preparedness and response if they want to be sure their business is where it needs to be to stay safe from threats.

A look at the Cost of Data Breach Study’s findings can help business executives gain a better perspective on the impact of a breach on the business and on what changes need to take place to diminish the repercussions and be prepared.

  • There is a 22% probability that a company will have a data breach involving 10,000 or more confidential records over a two-year period.
  • There has been an increase in attack vectors involving malicious code and sustained probes. The estimated number of incidents each month involving malicious code and sustained probes is 17 and 12, respectively.
  • Only 38% of businesses have a security strategy to protect their IT infrastructure.
  • Only 45% of organizations have a strategy to protect their information assets.
  • 50% of companies have low or no confidence that they are making the right investments in people, process and technologies to address potential and actual threats.

When you add the findings on cost per record to the above, the damage a data breach causes to companies, in addition to reputation and customer loss, is highly concerning (to say the least).

  • The most costly data breaches were caused by malicious and criminal attacks; US companies paid $246 per compromised record.
  • The healthcare industry tops the list of industries with the highest per capita breach cost, with each record costing $359, followed by the financial industry with a cost of $206 per record. Public (government) breaches cost the lowest at $100 per record.

The Cost of Data Breach Study also takes a look at how businesses are mitigating costs.

  • Companies that reported having a strong security posture were able to reduce costs by as much as $14 per record, an indication that a strong security posture is critical to decreasing the cost of a data breach.
  • Business continuity management also reduces breach cost. The study found an average of almost $9 less per record when business continuity management was in place.
  • Appointing a chief information security officer to lead incident response teams when a data breach takes place reduces costs by more than $6 per record.

Understanding the types of data breaches that could impact the business, and the potential costs companies face, can help business executives put more resources into information security to prevent, detect and resolve data breach incidents.

It is quite obvious that protecting your business all starts with implementing a holistic information security posture, since you can’t secure your business or data with vulnerabilities lurking around.  As they say, more knowledge brings greater responsibility.

How do you plan on managing your business risks and reducing your data breach costs?
