Plus   Neg

Increasing Data Breach Costs Hurt Small Businesses: IBM Study

datatheft july23 lt

Data breach costs are increasing in organizations, hurting them financially for many years, according to a study by IBM Security. For small businesses, such breaches cost up to 5 percent of their annual revenue.

The annual Cost of a Data Breach Report is based on interviews with more than 500 companies worldwide that suffered a breach over the past year.

The study found that the data breaches now cost $3.92 million on average, a 12 percent increase over the past 5 years. Meanwhile, the average cost of a breach in the U.S. is $8.19 million, more than double the worldwide average.

The increasing costs reflect the multi-year financial impact of breaches, increased regulation, as well as the complex process of resolving criminal attacks.

Those originated from a malicious cyberattack were the most common root cause of a breach as well as the most expensive. The study obverved that around 51 percent of data breaches resulted from cyberattacks, a 21 percent increase over the past 6 years. These attacks cost companies $4.45 million on average, which was $1 million more on average than that of accidental causes.

Small and midsize businesses, with less than 500 employees, suffered losses of more than $2.5 million on average. For small businesses, which generally earn annual revenues of $50 million or less, these data breach costs are crippling.

The study found that the effects of a data breach are felt for years. Around 67 percent of data breach costs were realized within the first year after a breach, while 22 percent accrued in the second year and 11 percent accumulated more than two years after a breach.

In highly-regulated environments, including healthcare, financial services, energy and pharmaceuticals, breach costs were higher in the second and third years.

Healthcare organizations had the highest cost of a breach for the 9th year in a row, of around $6.5 million on average, which was more than 60 percent higher than other industries.

Wendi Whitmore, Global Lead for IBM X-Force Incident Response and Intelligence Services, said, "With organizations facing the loss or theft of over 11.7 billion records in the past 3 years alone, companies need to be aware of the full financial impact that a data breach can have on their bottom line -and focus on how they can reduce these costs."

According to Ponemon Institute, which conducted the study, the speed and efficiency at which a company responds to a breach has a significant impact on the overall cost.

The companies that could detect and contain a breach in less than 200 days spent $1.2 million less on the total cost of a breach, the study noted.

For comments and feedback contact: editorial@rttnews.com

Business News

Follow RTT