This week, IBM Security and Ponemon Institute released the annual Cost of a Data Breach report.
This year’s report found that the UK experienced a decrease in the cost of a data breach, from £2.53 million in 2016, to £2.48 million in 2017. The average cost per lost or stolen record in the UK is estimated at £98.
Key points from the study include:
- Incident Response Leads to Significant Cost Savings: For the third year in a row, the study found that having an Incident Response team in place significantly reduced the cost of a data breach, saving $19.30 USD per lost or stolen record.
- Containment Speed Is Critical: The cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than thirty days compared to those that took longer than 30 days.
- Room for Improvement: On average, organizations took more than 6 months to identify a breach, and more than 66 additional days to contain a breach once discovered.
- By Industry, Healthcare Breaches Most Costly: For the 7th year in a row, healthcare has topped the list as the most expensive industry for data breaches. Healthcare data breaches cost organizations $380 per record, more than 2.5 times the global average across industries ($141 per record.)
- Top Factors Increasing Cost of a Breach: The involvement of third-parties in a data breach was the top contributing factor that led to an increase in the cost of a data breach, increasing the cost $17 per record.
- Top Factors Reducing Cost of a Breach: Incident response, encryption and education were the factors shown to have the most impact on reducing the cost of a data breach. Having an incident response team in place resulted in $19 reduction in cost per lost or stolen record, followed by extensive use of encryption ($16 reduction per record) and employee training ($12.50 reduction per record).
IBM has also created a “Cost of a Data Breach Calculator,” which can use below.