IBM report reveals the staggering cost of a data breach

Research also reveals why employees are the greatest risk of these costly incidents

IBM report reveals the staggering cost of a data breach
Steve Randall

It can be one of the most toxic incidents to hit a business in the 21st century, but do you know the true cost of a data breach incident?

With warnings of cyber attacks on the rise as criminals try to take advantage of the current unusual conditions, a new study reveals that the cost a data breach can make a large dent in a company’s finances.

The analysis of more than 500 cyber incidents globally found that the average cost of the data breaches was an eyewatering U$3.86 million!

The research was conducted by the Ponemon Institute for IBM Security and also discovered that 80% of the incidents studied resulted in customers’ personal identifiable information (PII) being exposed. This was the costliest type of data that was breached.

With more remote working and the use of cloud-based technologies, companies are at heightened risk of a data breach. A separate IBM study has found that employees are often not given updated guidelines on protecting PII.

With hybrid work models creating less controlled environments, the report found that 70% of companies studied that adopted telework amid the pandemic expect it will exacerbate data breach costs.

Compromised employees
Employees emerged as the most common cause in almost 40% of the malicious incidents studied.

With over 8.5 billion records exposed in 2019, and attackers using previously exposed emails and passwords in one out of five breaches studied, businesses should rethink their security strategy via the adoption of a zero-trust approach and re-examine how they authenticate users and the extent of access users are granted, the report said.

Where compromised credentials enabled corporate networks, businesses saw nearly $1 million higher data breach costs compared to the global average – reaching $4.77 million per data breach.

Mega-breach costs soar
The report also revealed that breaches involving more than 50 million compromised records saw costs jump to $392 million from $388 million the previous year. Breaches where 40 to 50 million records were exposed cost studied companies $364 million on average, a cost increase of $19 million compared to the 2019 report.

"When it comes to businesses' ability to mitigate the impact of a data breach, we're beginning to see a clear advantage held by companies that have invested in automated technologies," said Wendi Whitmore, Vice President, IBM X-Force Threat Intelligence. "At a time when businesses are expanding their digital footprint at an accelerated pace and the security industry's talent shortage persists, teams can be overwhelmed securing more devices, systems and data. Security automation can help resolve this burden, not only supporting a faster breach response but a more cost-efficient one as well."