Hidden costs of data breaches increase expenses for businesses
The hidden costs thrown up by data breaches – including lost business, reputational damage and employee time spent on recovery – lead to significant increases in expenditure for businesses.
This is according to a new study by IBM Security, conducted by the Ponemon Institute. The 2018 Cost of a Data Breach Study revealed that one-third of the cost of so-called ‘mega breaches’ (at least one million lost records) were derived from lost business.
It was also found that the average cost of a data breach globally is $3.86 million (£2.9 million), a 6.4 per cent increase from the 2017 report.
This year, for the first time, the study also calculated the costs associated with ‘mega breaches’, which range from one million to 50 million records lost. The researchers projected that these breaches cost companies between $40 million and $350 million respectively.
According to the report, the average cost of a data breach of one million compromised records is nearly $40 million. Meanwhile, at 50 million records, the estimated total cost of a breach is $350 million.
The vast majority of these breaches (ten out of 11) stemmed from malicious and criminal attacks, rather than system glitches or human error. It was also found that the average time to detect and contain a mega breach was 365 days – almost 100 days longer than a smaller scale breach (266 days).
Wendi Whitmore, global lead for IBM X-Force Incident Response and Intelligence Services, said: “While highly publicised data breaches often report losses in the millions, these numbers are highly variable and often focused on a few specific costs which are easily quantified.
“The truth is there are many hidden expenses which must be taken into account, such as reputational damage, customer turnover, and operational costs. Knowing where the costs lie, and how to reduce them, can help companies invest their resources more strategically and lower the huge financial risks at stake.”
Share This Post, Choose Your Platform!
With over 25 years in the business telecoms industry and an unrivalled reputation of delivering excellent, personal customer service, Arrow is one of very few companies in the UK able to provide a full telecoms, IT and energy consultancy and service proposition.
Savings through automation, scale, improved service. We’ve got that covered. But the true value comes with empathy, through empowerment, collaboration. It’s connecting people that drives us forward. It’s people that make tomorrow happen.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.