Survey Finds Breach Discovery Takes an Average 197 Days

A new global study based on 500 interviews conducted by The Ponemon Institute on behalf of IBM finds that the average amount of time required to identify a data breach is 197 days, and the average amount of time needed to contain a data breach once it is identified is 69 days.

When it comes to cost containment, the study makes it clear time is of the essence. Companies that were able to contain a breach in less than 30 days saved more than $1 million compared to those that took more than 30 days ($3.09 million versus $4.25 million average total).

Obviously, there are many factors that go into determining what the real cost of a security breach is. The Ponemon study includes everything from actual IT costs to estimates of lost revenues resulting from customers deciding to no longer do business with an organization because of a security breach.

The study finds the average cost of a data breach globally is $3.86 million, a 6.4 percent increase from the 2017 report. But that estimate also includes several “mega breaches” ranging from 1 million to 50 million records lost, which the study projects cost companies between $40 million and $350 million respectively. There were 16 mega breaches identified in 2017. Without the mega breaches, the average cost of security breach for most organizations would be significantly lower than $3.86 million. The average cost per lost or stolen record is $148.

There are several ways organizations can contain those costs, notes the report. Incident response teams are cited as the top cost-saving factor, reducing the cost by $14 per compromised record, while the use of an artificial intelligence (AI) platform for cybersecurity reduced the cost by $8 per lost or stolen record. The study also finds organizations that had deployed automated security technologies extensively saved more than $1.5 million on the total cost of a breach.

It also worth noting the study finds organizations that “rush to notify” customers and regulatory bodies about a security breach have a higher cost of $5 per lost or stolen record.

Overall, the study finds U.S. companies experienced the highest average cost of a breach, at $7.91 million, followed by the Middle East, at $5.31 million. The lowest total cost of a breach was $1.24 million in Brazil, followed by $1.77 million in India.

John Wheeler, vice president for IBM Security, said incident management processes clearly have the most impact in terms of minimizing security breach costs. However, most organizations are inconsistent in their approach. There’s a world of difference between engaging in a theoretical tabletop exercise and having processes that are embedded into the muscle memory of the organization.

The need for more well-defined incident management processes will only become more acute as the attack surface that needs to be defended continues to expand, thanks to the rise of technologies such as internet of things (IoT) projects, Wheeler noted.

The good news is that as AI technologies become better at discovering security breaches, the financial damages inflicted by those breaches should decline, he added.

Naturally, it may take a while for AI security technologies to become pervasive. But at this juncture, the application of AI to cybersecurity is now more a question of when rather than if.

Avatar photo

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 691 posts and counting.See all posts by mike-vizard

Cloud Workload Resilience PulseMeter

Step 1 of 8

How do you define cloud resiliency for cloud workloads? (Select 3)(Required)