New Study Finds Alarming Financial Impact of Data Breaches
6/20/16 6:05 PM iCorps Technologies
The financial impact of a data breach can be devastating to any company and research from the past year shows that the blow has only gotten worse, particularly for United States businesses. According to the 2016 Cost of Data Breach Study conducted by Ponemon Institute and sponsored by IBM, 64% more security incidents were reported in 2015 than 2014 and even more worrisome is companies are losing approximately $100 more per compromised record compared to the previous year.
Since 2013, the cost per capita of a data breach in the U.S. has jumped from $188 to $221 and the average total organizational cost has increased from $5.4 million to $7.01 million (about $3 million over the global average). Two more alarming numbers stood out for the United States:
- Post breach response costs were highest in the United States at $1.72 million.
- US organizations took the biggest financial hit due to loss of business (e.g. abnormal turnover of customers, reputation losses) at $3.97 million.
As cyber incidents are becoming more complex and grow both in sophistication and capacity, costs per breach are continuing to rise. Ponemon's research suggests that part of these high costs could be attributed to the alarming fact that “70 percent of U.S. security executives report they don’t have cyber security response plans in place.” This can be a detrimental flaw for businesses because it's been proven that the longer it takes to detect and contain a data breach, the costlier it becomes to resolve. Breaches that were identified in less than 100 days cost approximately $3.2 million. After 100 days, the cost rose to $4.38 million on average.
Other findings from the study include:
- Malicious or criminal attacks are the most prominent cause globally.
- Breaches caused by malicious attacks were costlier than those caused by system glitches or human error.
- The more records lost, the higher the cost of the incident.
It's important to be well-informed of your state's requirements should your business experience a data breach. If you are a Massachusetts-based individual or company, you can now report electronic data breaches to the state online, as announced by the Massachusetts Office of Consumer Affairs and Business Regulation in June.
New York law requires that a person or business conducting business in the state that experiences a data breach must notify the NYS Attorney General, the NYS Division of State Police and the Department of State's Division of Consumer Protection. Forms and proper contacts can be found on the state's Office of Information Technology Services website.
The alarming cost of a data breach underscores the importance of having a pro-active, multi-layered cyber security plan and data protection tools in place. Learn how iCorps' Vulnerability Monitoring and Reporting can help you maintain the upper hand when it comes to protecting your network.
You May Also be Interested In:
What To Do When You Know Your Data Breach Personally?