Average cost of a data breach exceeds $3.8 million, claims report

Data breaches are getting more expensive.

That’s one of the findings of a new global study by the Ponemon Institute that examines the financial impact of a corporate data breach.

So what is the actual cost of a data breach? Well, obviously it varies depending on the nature of the organisation that has lost control of its data, the nature of data that has been breached, and the severity of the attack.

But the Ponemon Institute’s “2018 Cost of a Data Breach Study” has found that the average cost of a data breach globally is a not-to-be-sneezed-at US $3.86 million – a rise of 6.4% from last year’s equivalent report.

These average costs for a data breach do not apply to the huge incidents such as those which affected Equifax, because they are thankfully not the type of breach experienced by most organisations. However, the study did not shy away from also considering these larger, more catastrophic incidents of data loss.

If your organisation did fall foul of a what the study calls a “mega breach”, ranging from 1 million to 50 million lost records, the costs are said to average between $40 million and $350 million respectively.

The Ponemon Institute study interviewed nearly 500 companies that had suffered a data breach, analysing the many different costs including incident investigation, recovery, legal and regulatory activity, reputational damage, and lost business through customer turnover.

And it’s that last cost – lost business – that is particularly significant in “mega breaches” which involve the loss of more than one million records. According to the study, one-third of the cost of “mega breaches” can be placed at the door of lost business.

Of course there are all manner of factors which can be brought into play to reduce the cost (Read more...)