Data breaches, while highly complex in nature, are on the rise across the globe. This is according to the 2017 release of the Data Breach Study, a joint initiative released by the Ponemon Institute and IBM.
The study was based on 419 businesses spread across 17 countries, namely: The United States, United Kingdom, Germany, France, Australia, Brazil, Japan, Italy, India, Canada, South Africa, the United Arab Emirates, Saudi Arabia, Singapore, Indonesia, the Philippines and Malaysia.
South Africa ranked as the country most likely to experience a data breach attack in the next 24 months with a 41 percent probability, while Canada was least likely to suffer a breach with a 14 percent probability.
In this blog post, I share the most fascinating (and jarring) findings from the study. If cybersecurity has been weighing on your mind, this summary could help you better understand how data breaches can affect your business.
What is a data breach?
The Ponemon Institute defined a breach as an incident where a minimum of 1,000 records containing personal information about consumers are lost or stolen.
It takes 191 days to identify a breach
A shocking statistic, but also very telling of the state of cybersecurity the world over, which remains largely unknown territory. In 2016, businesses reported that it took 216 days to uncover a data breach, and another 70 days to contain it. In 2017, the containment window shrank to 66 days.
Factors that influenced the speed of finding and containing data breaches include:
- Improvements in security technologies and security analytics
- Advancements in Security Information and Event Management
- Adoption of enterprise-wide encryption and threat intelligence sharing platforms
BYOD environments and the cloud increase complexity of dealing with security risks
It’s no secret that BYOD poses a serious threat to enterprise security. People bring their own devices, which can contain malware, onto your network and are given access to important data.
The cloud also increases the difficulty of managing threats due to how data is stored, shared and managed within different platforms and applications.
Malicious insiders do more damage
Forty-seven percent of businesses shared that the root cause of data breaches was malicious criminal attacks, which cost an average of $156 per incident.
Negligence costs business approximately $126 per incident.
Openness and analytics decrease cost
Threat sharing, the use of security analytics and the recruitment and retention of knowledgeable staff helped businesses decrease the cost of a breach from $128 in 2016 to $126 in 2017.
Direct and indirect costs
Average direct costs such as seeking forensic expert help, hiring a law firm or offering victims identity protection services are as high as $81.
Average indirect costs, which include the allocation of resources such as employees’ time to notify victims and examine the breach, the loss of goodwill and customer churn, are as high as $146.
Healthcare breaches are most expensive
While the average global cost of data breach per lost or stolen record was $141, health care organisation breaches cost approximately $380. Financial services came in second place with an average cost of $245; Media, $119; Research, $101; and finally the public sector, which spent the lowest per breach at $71.
Middle East and U.S. organisations are most attacked
Fifty-nine percent of breaches in the Middle East and 52 percent of breaches in the United States were due to hackers and criminal insiders compared to 40 percent experienced by SA and Italy.
The cost of global breaches has decreased since 2016, however there has been an increase in incidents during the same period. BYOD networks and the increase in cloud technology make it harder to manage threats, yet investments in human capital, SIEM, security analytics and encryption have shown to quicken the identification of data breaches and hasten their containment.
Download the Ponemon Institute’s 2017 Cost of Data Breach Study here.
Beat Man-in-the-middle attacks with Strong SSL Encryption on your website
TrustTheSite.com is a platinum reseller of VeriSign, Thawte, GeoTrust, Comodo, RapidSSL and Digicert SSL certificates. We offer the best pricing backed by personalised client support.
Call us on +27 23 004 0196 for a free no obligation discussion about your business needs and we’ll help you find the right certificate for your brand.