Cost of Data Breaches Has Risen 12 Percent

July 26, 2019

The cost of a data breach has risen 12 percent over the past 5 years and now costs $3.92 million on average, according to IBM's study.

Companies with less than 500 employees suffered losses of more than $2.5 million on average – a potentially crippling amount for small businesses, which typically earn $50 million or less in annual revenue. While an average of 67 percent of data breach costs were realized within the first year after a breach, 22 percent accrued in the second year and another 11 percent accumulated more than two years after a breach. The longtail costs were higher in the second and third years for organizations in highly-regulated environments, such as healthcare, financial services, energy and pharmaceuticals.

Some of the top findings from this year's report include:

Malicious Breaches – Most Common, Most Expensive: Over 50 percent of data breaches in the study resulted from malicious cyberattacks and cost companies $1 million more on average than those originating from accidental causes.
"Mega Breaches" Lead to Mega Losses: While less common, breaches of more than 1 million records cost companies a projected $42 million in losses; and those of 50 million records are projected to cost companies $388 million.
Practice Makes Perfect: Companies with an incident response team that also extensively tested their incident response plan experienced $1.23 million less in data breach costs on average than those that had neither measure in place.
U.S. Breaches Cost Double: The average cost of a breach in the U.S. is $8.19 million, more than double the worldwide average.
Healthcare Breaches Cost the Most: For the 9th year in a row, healthcare organizations had the highest cost of a breach – nearly $6.5 million on average (over 60 percent more than other industries in the study).

Malicious data breaches cost companies in the study $4.45 million on average – over $1 million more than those originating from accidental causes such as system glitch and human error. These breaches are a growing threat, as the percentage of malicious or criminal attacks as the root cause of data breaches in the report crept up from 42 percent to 51 percent over the past six years of the study (a 21 percent increase).

That said, inadvertent breaches from human error and system glitches were still the cause for nearly half (49 percent) of the data breaches in the report, costing companies $3.50 and $3.24 million respectively. One particular area of concern is the misconfiguration of cloud servers, which contributed to the exposure of 990 million records in 2018, representing 43 percent of all lost records for the year according to the IBM X-Force Threat Intelligence Index.

You must login or register in order to post a comment.

ON DEMAND: DevSecOps creates an environment of shared responsibility for security, where AppSec and development teams become more collaborative. With the right training and tools, developers can become more hands-on with security and, with that upskilling, stand out among their peers... however, they need the security specialists on-side, factoring them into securing code from the start and championing this mindset across the company.

ON DEMAND: The insider threat—consisting of scores of different types of crimes and incidents—is a scourge even during the best of times. But the chaos, instability and desperation that characterize crises also catalyze both intentional and unwitting insider attacks. Learn how your workers, contractors, volunteers and partners are exploiting the dislocation caused by today's climate of Coronavirus, unemployment, disinformation and social unrest.

Security Magazine

2020 September

This month in Security magazine, we bring you our 2020 Most Influential People in Security annual report, where we highlight 22 industry leaders, their path to security, careers, goals and guidance for future security professionals. Industry experts discuss the evolution of ransomware, houses of worship security, cybersecurity standards, security careers in investigations and the unifying power of security. Diane Ritchey, past Editor-in-Chief, says goodbye and thank you to our readers.

View More Create Account

Cost of Data Breaches Has Risen 12 Percent

Related Articles

Related Products

Related Events

Report Abusive Comment