IBM Security: Cost of Data Breach Hitting All-Time Highs

A study commissioned by IBM Security says the global average cost of a data breach reached an all-time high of $4.35 million and warned that the absence of zero trust principles at studied organizations are pushing those costs even higher.

The study, which was conducted in partnership with the Ponemon Institute, notes that global average breach costs have climbed nearly 13% over the last two years with a whopping 83% of organizations experiencing more than a single data breach.

The “Cost of a Data Breach 2022” report studied about 550 businesses impacted by data breaches etween March 2021 and March 2022 and IBM Security said the data covered organizations in 17 countries across the globe.

The report notes that there is a “haunting effect” from the after-effects that linger after breaches with more than half of breach costs adding up more than a year after the compromise.

“With breach costs increasing nearly 13% over the last two years of the report, the findings suggest these incidents may also be contributing to rising costs of goods and services,” IBM Security said, noting that about 60% of the studied organizations “raised their product or services prices due to the breach.”

The study called special attention to costs borne by critical infrastructure organizations with average breach costs reaching $4.82 million, much higher than the average costs for businesses in other industries.

The IBM Security study found that companies in the financial services, industrial, technology, energy, transportation, communication, healthcare, education and public sector industries were heavily impacted by ransomware attacks (28% were hit by data theft and extortion breaches).

Even worse, the study found that about 20% of critical infrastructure organizations suffered a breach because of a third-party business partner being compromised.

Of the 550 organizations polled for the study, IBM Security said companies with fully deployed security AI and automation systems fared better, which breach costs about $3.05 million less than breaches at organizations with no such defenses.

“This 65.2% difference in average breach cost – between USD 3.15 million for fully deployed versus USD 6.20 million for not deployed – represented the largest cost savings in the study,” IBM Security said.

“Companies with fully deployed security AI and automation also experienced on average a 74-day shorter time to identify and contain the breach, known as the breach lifecycle, than those without security AI and automation – 249 days versus 323 days. The use of security AI and automation jumped by nearly one-fifth in two years, from 59% in 2020 to 70% in 2022,” it added.

The study also found that companies that implemented zero trust principles were able to better manage costs from data breaches.

Of the 550 organizations participating in the study, IBM Security said a whopping 60% did not deploy zero trust security measures, pushing up post-breach costs. “The organizations that don’t deploy zero trust incur an average of $1 million in greater breach costs compared to those that do deploy.”

“Among critical infrastructure organizations, an even higher percentage of 79% doesn’t deploy zero trust. These organizations experienced on average $5.40 million in breach costs, more than $1 million higher than the global average,” the report noted.

For the 12th consecutive year, the study found that the healthcare industry had the highest average cost of a breach (in the range of $10 million). Financial organizations had the second highest costs – averaging $5.97 million — followed by pharmaceuticals at$5.01 million, technology at $4.97 million and energy at $4.72 million.

The study also found that organizations that fell victim to ransomware attacks did not reduce costs significantly, even after paying ransom demands to retrieve valuable data.

“Ransomware victims in the study that opted to pay threat actors’ ransom demands saw only $610,000 less in average breach costs compared to those that  chose not to pay – not including the cost of the ransom. Factoring in the high cost of ransom payments, the financial toll may rise even higher, suggesting that simply paying the ransom  may not be an effective strategy,” according to the report.

The study also found major gaps in security cloud deployments with about 43% of respondents in the “early stages or have not started applying security practices across their cloud environments.”

Related Posts

Cloud Master’s Data Management for Banking

Master Data: What Is It & Why Does It Matter for Businesses? Master data management, mdm, data governance, data quality, data management, data, master data, big data, analytics, internet of things. Master data management tools...

IBM Security QRadar: SIEM product overview

Expert Karen Scarfone takes a look at IBM Security QRadar, a security information and event management (SIEM) tool used for collecting and analyzing security log data. IBM QRadar is an enterprise security information and event...

Best Online Bank: The Comparison For 2023 (Guide)

It’s a fact: the French easily leave their traditional bank to turn to an online bank. These establishments represented more than a third of all account openings in 2023. Internet finance has been growing...

Top 10 Accounting Software For Freelancers 2023

Managing a business involves carrying out various office, administrative and accounting tasks. If a large company hires the best professionals, a small structure tends to turn to software. Here are 10 accounting software for...

15 best enterprise quality management software in 2022

Before presenting the Quality Management software ranking, let’s describe the criteria we used to elaborate it. The first step to establish a ranking among the different products in the market for the administration of...

The Best CRM Software Systems for 2022

This ultimate best CRM software guide is for serious marketing professionals, sales teams, and business owners. Customer relationships are essential to the success of your brand. Without the right connection to your audience, you...

lên đầu trang