The Cost of a Data Breach
Let’s jump in and learn:
The Monetary Cost of a Data Breach
The global average cost of a data breach is more than $4 million; the country with the highest average cost is the United States (U.S), which averages more than $8.5 million. The cost of a data breach is increasing by roughly 10% each year.
Industries facing the most significant increases in the cost of a data breach include:
- 10% increase for healthcare service providers
- 9% increase for the retail industry
- 14% increase for the energy sector
Data breaches hit many large industries. By far, the most prevalent data targeted by data breaches is personally identifiable information (PII). The cost of a data breach associated with PII comes in at an average of $180 per record.
When data breaches are the result of a cyberattack, rather than caused by an unintentional insider (i.e., an authorized user inadvertently making personal data public), the cost per record is more than 16% higher. The per-record cost of a data breach is materially higher in some industries—more than $200 for financial services and more than $400 for healthcare service providers.
Other Costs Associated with Data Breaches
To accurately assess the cost of a data breach, it is imperative to consider both hard and soft costs. While it is difficult to quantify the soft costs, they are still important to factor into the overall impact of a data breach.
Hard Costs of a Data Breach
- Customer and stakeholder notifications
- Detection
- Identifying root cause
- Audits
- Mitigation
- Fines by regulatory authorities
- Increased cyber insurance premiums
- Legal fees
- Lost revenue
- Market value impact
- Public Relations (PR) and other media campaigns
- Response
- Increased security
- Additional monitoring
- Professional services for customers (e.g., providing legal advice and credit monitoring services)
Soft Costs of a Data Breach
- Decreased customer and business partner trust
- Impact on employees (e.g., difficulties with retention and hiring)
- Negative perceptions of organizational strength
- Tarnished brand perception
Mitigating the Risk of a Data Breach
A strong security posture that considers the entire ecosystem is the best way to mitigate the risk and the cost of a data breach. Some specific considerations and must-haves as part of a robust security program include the following.
- Avoid storing unnecessary sensitive data
- Assess supply chain partners’ cybersecurity preparedness
- Consider having a cyber insurance policy with a data breach inclusion
- Continuously monitor systems and networks for anomalies
- Create strong internal policies for verifying email links and attachments before users click on links or download attachments
- Develop plans that accelerate response times in the event of an attack
- Enforce user security standards
- Have guidelines for personal device usage
- Invest in employee cybersecurity awareness training
- Limit access by employing a policy of least privilege
- Make strong passwords (i.e., difficult-to-decipher) mandatory for all users—employees, business partners, and vendors
- Prioritize data protection
- Implement formal security policies
- Regularly install software updates and patches
- Remove user account privileges when terminating an employee or other business relationship (e.g., partner, vendor)
- Perform penetration testing
What Factors Contribute to the Increase in Data Breaches?
While most of the news around data breaches focuses on large companies, small- and mid-sized organizations are increasingly being targeted. These smaller organizations are attractive targets because they tend to be easier to infiltrate. Other factors that contribute to an increase in data breaches include:
- Access points
The growth of cloud-based applications and services coupled with growing online collaboration has significantly increased the number of access points for users and systems. - Data proliferation
Many organizations retain multiple copies of the same data (e.g., email attachments reside on senders’ systems as well as recipients’), which increases potential cyber-attack surface and the volume of data that is susceptible to a data breach. - Data volume and retention
Organizations are generating, collecting, and storing exponentially increasing amounts of data. Most are reluctant to destroy data, as it is increasingly being used as part of data-driven analytics. But the longer data is retained, the greater the risk of a data breach and the higher the cost of that breach. - Remote work
The trend toward remote work has been rising and spiked during the global pandemic. In many cases, organizations do not have security systems optimized to effectively protect the data of remote workers. This becomes an appealing attack vector for cybercriminals who take advantage of vulnerabilities like less-secure home networks. - Automated attacks
- Specialized hacking software, botnets, and automation approaches make it faster and easier for cybercriminals to target organizations to gain access to data. These tools are used in a number of ways, including to:
- Conduct password-based attacks
- Gain access via brute force (i.e., guessing passwords)
- Identify vulnerabilities
- Keylogging (i.e., software that tracks user input and can capture login credentials)
- Run dictionary attacks (i.e., programs that try various word combinations at scale)
- Value of data
The risk of a breach increases with the value of the information. As more PII is collected and stored, an organization becomes more enticing to a cybercriminal.
Detecting and Responding to Data Breaches
The Cost of a Data Breach and Detection
The longer it takes to detect a data breach, the more significant the cost and reputational damage. Detecting data breaches quickly and efficiently is difficult. A few steps that can be taken are:
- Analyze supply chain partners’ cybersecurity procedures
- Deploy anti-malware and anti-virus solutions
- Establish regular training for cybersecurity awareness
- Harden network environments to defend against vulnerabilities
- Monitor networks to detect anomalies as early as possible
Use firewalls to block unauthorized activity
Data Breach Prevention and Response
Prevention is the ideal data breach strategy. Steps that can be taken to defend against a data breach include:
- Assessing and improving third-party vendor security
- Avoiding password reuse
- Data encryption
- Limiting administrative controls only to personnel who require it
- Multi-factor authentication (MFA)
- Patching software vulnerabilities regularly
- Reducing content sprawl, to reduce potential cyber-attack surface
- Restricting access to highly-sensitive data, based on users’ “Business Need to Know”
- Strong password standards
- Training to avoid exploitation of human error through phishing and social engineering campaigns, which are the most common attack vectors
Data Breach Response
Data breach containment and response strategies are critical in mitigating the impact of attacks. In the event that detection and prevention fail, these tactics can help with a response that will limit the cost of a data breach.
- Identify all affected hosts
- Disable breached user accounts
- Identify vulnerabilities
- Mitigate vulnerabilities
- Reimage and harden systems
- Remove all artifacts left by the attacker
- Retain any digital evidence of a breach for forensic examiners
- Report the breach to regulatory authorities
- Inform affected individuals
- Learn from the cyber-attack, and update your IT Security procedures accordingly
Reduce the Cost of a Data Breach with a Well-Prepared and Strong Defense
Organized crime syndicates, both domestic and foreign, are considered the leading perpetrators of data breaches, and are credited with more than 80% of successful attacks. Though oft-mentioned, state-sponsored attacks only represent 6-16% of successful data breaches. Regardless of who is behind an attack, the cost of a data breach can be significant.
A strong defensive security posture remains the best way to minimize the cost of a data breach. Implementing strong security across users, systems, applications, and networks reduces the attack surface and thwarts less persistent attackers.
In the event of a successful attack, the cost of a data breach can be reduced by limiting what can be accessed. Being prepared for an attack can also limit the cost of a data breach, as a rapid response can mitigate the efficacy of an attack. Finally, stay informed about the continuously changing cyber threats and evolve security protocols accordingly.
Egnyte has experts ready to answer your questions. For more than a decade, Egnyte has helped more than 16,000 customers with millions of customers worldwide.
Last Updated: 28th March, 2022