Filed Under:Agent Broker, Agency Technology

3 takeaways from the 2017 Cost of Data Breach Study

The latest from IBM Security and Ponemon Institute on today's security landscape

According to the 2017 Cost of Data Breach Study: Global Overview,
According to the 2017 Cost of Data Breach Study: Global Overview, "compliance failures" and "rushing to notify" were among the top five reasons the cost of a breach rose in the U.S. (Photo: Shutterstock)

As companies continue to infuse technology into their business models, they must also keep up with an ever-changing digital landscape. In 2017 and beyond, companies need to consider their cybersecurity practices

As cyber attacks continue to rise in frequency and sophistication, companies should also consider where data breaches are occurring. For those looking to understand data breaches by country, the latest report from IBM Security and Ponemon Institute sheds light on such a topic. 

Sponsored by IBM Security and conducted by Ponemon Institute, the study found that the average cost of a data breach is $3.62 million globally, a 10% decline since 2016.

To explore the complete report, visit the IBM Security Data Breach Calculator, an interactive tool that allows you to manipulate report data and visualize the cost of a data breach across locations and industries, and understand how different factors affect breach costs.

Or, keep reading for highlights from the study's key findings. 

Related: Ransomware attacks leave businesses and insurers exposed

Global attacks

Although the overall cost of a data breach reportedly decreased in 2017, certain regions, particularly the U.S., experienced increased costs. (Photo: Shutterstock) 

The costs by region. 


In the 2017 global study, the overall cost of a data breach decreased to $3.62 million, which is down 10% from $4 million last year. While global costs decreased, many regions experienced an increase

In the U.S., the cost of a data breach was $7.35 million, a 5% increase compared to last year. When compared to other regions, U.S. organizations experienced the most expensive data breaches in the 2017 report. In the Middle East, organizations saw the second highest average cost of a data breach at $4.94 million  an uptick of 10% compared with the previous year. Canada ranked third with data breaches costing organizations $4.31 million on average. 

European nations experienced the most significant decrease in costs. Germany, France, Italy and the U.K. experienced significant decreases compared to the four-year average costs. Australia, Canada and Brazil also experienced decreased costs compared to the four-year average cost of a data breach. 

Related: Company cyberinsurance — the supply chain dilemma

Cyber breach

Containing a data breach within a certain amount of time can save organizations a substantial amount of time and money. (Photo: Shutterstock)

Time is money when you're containing a data breach.


For the third year in a row, the study found that having an Incident Response (IR) Team in place significantly reduced the cost of a data breach. IR teams, along with a formal incident response plan, can assist organizations to navigate the complicated aspects of containing a data breach to mitigate further losses.

According to the study, the cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than 30 days compared to those that took longer than 30 days. The speed of response will be increasingly critical as General Data Protection Regulation (GDPR) is implemented in May 2018, which will require organizations doing business in Europe to report data breaches within 72 hours or risk facing fines of up to 4% of their global annual turnover.

There's still room for improvement for organizations when it comes to the time to identify and respond to a breach. On average, organizations took more than six months to identify a breach, and more than 66 additional days to contain a breach once discovered.

Related: Humans: The weakest link in social engineering and cyber attacks

Encryption

Along with an incident response plan, encryption and education can protect organizations across various industries from costly data breaches. (Photo: Shutterstock)

Additional key findings.
 

  • For the seventh year in a row, healthcare topped the list as the most expensive industry for data breaches. Healthcare data breaches cost organizations $380 per record, more than 2.5 times the global average overall cost at $141 per record.
  • Close to half of all data breaches (47%) were caused by malicious or criminal attacks, resulting in an average of $156 per record to resolve.
  • Data breaches resulting from third party involvement were the top contributing factor that led to an increase in the cost of a data breach, increasing the cost $17 per record. The takeaway: Organizations need to evaluate the security posture of their third-party providers  including payroll, cloud providers and CRM software  to ensure the security of employee and customer data.
  • Incident response, encryption and education were the factors shown to have the most impact on reducing the cost of a data breach. Having an incident response team in place resulted in $19 reduction in cost per lost or stolen record, followed by extensive use of encryption ($16 reduction per record) and employee training ($12.5 reduction per record).  

Related: Key findings for businesses from the 2017 FM Global Resilience Index report

Featured Video

Most Recent Videos

Video Library ››

Top Story

Oh, deer! What drivers should know about animal collisions

One-third (34%) of all animal collision comprehensive claims are filed during the fall, according to Farmers Insurance.

Top Story

5 dated insurance business tools, technologies

Accelerating insurance industry innovation will mean moving away from the same old business processes.

More Resources

Comments

eNewsletter Sign Up

Agent & Broker Insider eNewsletter

Proven success tips and essential information to help agents and brokers grow their practice – FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.