Cost of a Data Breach Is $4.88 million – Ponemon Report
“UK organisations continue to struggle to track the evolving patterns of cyberattacks — the shift to malware cocktails and evolving threat vectors — which makes it extremely difficult for them to defend themselves,” commented SonicWall President and CEO Bill Conner.
The highest cost in the world is in the US, at $8.19 million. That is followed by the Middle East, at $5.97 million, and then Germany at $4.78 million and the UK at $4.88 million.
In Japan and South Korea, the average cost of a data breach is much lower, at $3.75 million and $3.30 million, respectively.
The cost of data breaches in the UK is increasing, up 10.56 per cent in the past year. In the UK, the average size of a data breach has increased by 3.6 per cent and the per capita cost per lost or stolen record is $155 (£127), which represents an increase of 9.69 per cent from 2018. This cost has nearly doubled in the past 10 years.
UK organisations saw 23,636 records lost to breaches, on average, last year. British companies take an average of 171 days to identify a breach and an average of 72 days to contain it.
In the areas that a data breach hits hardest, the UK was near the top of the rankings. These areas are abnormal customer turnover (greater-than-expected loss of customers since the breach occurred), average size of a data breach (number of records lost or stolen), average total cost of a data breach and per-record cost. Abnormal customer turnover after a breach was up by about 15 per cent in the country, but all other factors rose either close to or more than 10 per cent.
The danger of a data breach has increased by one-third in the past two years, the report warns.
One alarming note: The UK has seen ransomware attacks increase sharply in the past year. After enjoying a 59 per cent decline in ransomware in 2018, the country saw a ransomware volume jump of 195 per cent year-to-date for the first half of 2019.
Malicious Attacks Devastate with Highest Costs
The global average cost of a data breach is $3.92 million, up from $3.50 million in 2014.
Malicious breaches – the most common and the most expensive attacks – are devastating. Over 50 per cent of data breaches in the study resulted from malicious cyberattacks and cost companies $4.45 million, on average, $1 million more than those originating from accidental causes such as system glitches and human error. These breaches are a growing threat, as the percentage of malicious or criminal attacks as the root cause of data breaches in the report crept up from 42 per cent to 51 per cent over the past six years of the study (a 21 per cent increase).
Inadvertent breaches from human error and system glitches were still the cause of nearly half (49 per cent) of the data breaches in the report, costing companies $3.50 million and $3.24 million, on average, respectively. These breaches from human and machine error represent an opportunity for improvement, which can be addressed through security awareness training for staff, technology investments and testing services to identify accidental breaches early on.
One area of particular concern is the misconfiguration of cloud servers, which contributed to the exposure of 990 million records in 2018, representing 43 per cent of all lost records for the year, according to the IBM X-Force Threat Intelligence Index.
Costs of a Data Breach – Long-Term Costs Are Significant
The study researched, for the first time in its history, the long-term costs of data breaches.
While an average of 67 per cent of data breach costs were realised within the first year after a breach, 22 per cent were added in the second year and another 11 per cent accumulated more than two years after a breach. Companies require vast efforts over a long period to recover from breaches, the study showed.
The long-term costs were higher in the second and third years for organisations in highly regulated environments, such as healthcare, financial services, energy and pharmaceuticals.
Diligent’s Modern Governance Solution Provides the Highest Grade of Security
As the report shows, maintaining IT security is more difficult than ever. Boards are looking at cybersecurity with a new level of scrutiny and applying that scrutiny to their own operations. Cybersecurity is now the responsibility of the board of directors, and boards should acquire the skills needed to protect the organisation from cybersecurity threats.
Modern governance addresses core issues of speed, visibility and security by putting the necessary tools and intelligence at the fingertips of today’s board members and executives. A world of governance and IT knowledge informs the security behind our Governance Cloud ecosystem, which includes Diligent Boards, Diligent Messenger, Diligent Evaluations and the Diligent Conflict-of-Interest forms. Data is hosted on secure servers and a world-class infrastructure that Diligent owns and operates. As part of Diligent’s Governance Cloud, all solutions are ISO- and TRUSTe-certified and internationally audited, with robust customisable encryption and data access. If a device is lost or compromised, our remote-wiping capabilities allow organisations to swiftly mitigate risk.
Diligent’s secure messaging tool is a tested means for messaging, one that encompasses the highest grade of security. And Diligent’s board assessment tool enables the CEO to share what he finds the board does well and identify where they need improvement. And this can be done in complete confidence that the discussion will remain confidential. With Diligent, boards can gain a competitive edge to improve governance by having the right information, analytics and insights to spot risks, act on opportunities and turn insights into action. Good governance isn’t just one thing – so why buy software that only manages your board documents? At Diligent, we empower leading organisations around the world to turn good governance into a competitive advantage for their business. In the ever-changing landscape of the world, governance hasn’t kept up with the fast pace of business. Quarterly board meetings, paper board books and not using secure communication tools for sensitive data have opened up numerous companies to risk.