cyber trends
Knowing where
the costs lie and
how to reduce
them can help
companies invest
their resources
more strategically
and lower the huge
financial risks
at stake.
Based on analysis of 11 companies
experiencing a mega breach over the
past two years, this year’s report uses
statistical modelling to project the cost
of breaches ranging from one million to
50 million compromised records.
of a data breach was US$3.86 million in
the 2018 study, compared to US$3.50
million in 2014 – representing nearly a
10% increase over the past five years of
the study.
The study also examines factors which
increase or decrease the cost of the
breach, finding that costs are heavily
impacted by the amount of time spent
containing a data breach, as well as
investments in technologies that speed
up response time.
The average time to identify a data
breach in the study was 197 days and
the average time to contain a data
breach once identified was 69 days.
Companies who contained a breach
in less than 30 days saved over US$1
million compared to those that took
more than 30 days (US$3.09 million vs
US$4.25 million average total).
This is likely due to publicly reported cost
often being limited to direct costs, such
as technology and services to recover
from the breach, legal and regulatory fees
and reparations to customers.
What impacts the average cost of
a data breach?
For the past 13 years, the Ponemon
Institute has examined the cost
associated with data breaches of less
than 100,000 records, finding that
the costs have steadily risen over the
course of the study. The average cost
www.intelligentciso.com
|
Issue 05
This year for the
first time, the report
examined the effect of
security automation tools
which use Artificial Intelligence,
Machine Learning, analytics and
orchestration to augment or replace
human intervention in the identification
and containment of a breach.
The analysis found that organisations
that had extensively deployed automated
security technologies saved over US$1.5
million on the total cost of a breach
(US$2.88 million, compared to US$4.43
million for those who had not deployed
security automation.)
Regional and industry differences
The study also compared the cost of
data breaches in different industries and
regions, finding that data breaches are
the costliest in the US and the Middle
East, and least costly in Brazil and India.
For mega brea