A data breach is a revenue-slaying monster that no company wants to encounter. The expense of that nightmare starts immediately and doesn’t stop until the last jot of remediation is complete. Data breach risk is climbing in many industries, especially cloud data breaches, up more than 35% in 2021. Unfortunately, the impetus behind a data breach can be a hard-to-pin-down foe that can come at your business from too many directions, especially when your data breach is tied up in someone else’s, and it’s bound to do damage – especially to your budget. But your company won’t just suffer a big up-front expense if it has a data breach. The unexpected cost of a data breach can come back to haunt you years later – and it might just be enough to drive your business to ruin. 

Every edition of the IBM/Ponemon Cost of a Data Breach Report is always chock full of useful information that helps companies make better decisions about security. These five data points are important to keep in mind when considering your strategy for preventing your company from getting clobbered by a data breach.

The cost of a data breach can change significantly depending upon the initial attack vectors including the top three most common: compromised credentials (20% of breaches), phishing (17%) and cloud misconfigurations (15%). 

The cost of a breach can be impacted by the type of data stolen or leaked, like customer personally identifiable information – the most frequently breached and the most expensive at $180 per record. 

The top country in the world for data breach costs in 2021 (so far) is the US with an average cost of $9.05 million. 

Thanks to the hot market for COVID-19 data in 2020, medical data is in second place as the most desirable data to snatch, and healthcare at $9.23 million is the industry with the most expensive data breach costs 

Organizations that operate with 50% remote workers took an average of 316 days to identify and contain a data breach compared to the overall average of 287 days

A single data breach is hugely more expensive than it has ever been before either. In the IBM/Ponemon annual Cost of a Data Breach Report, the average cost of a breach in 2021 is estimated at $4.2 million per incident, the highest ever recorded in the 17 years of the study. Data breach costs were also complicated by the global pandemic. When companies reported that the majority of their staffers were working from home, researchers discovered that they experienced an increase of up to $1 million more when a data breach occurred, with the highest rates of $4.96 million in comparison to $3.89 million. 

Most business executives probably assume that the cost of a cyberattack that ends in a data breach can be quickly established. But that’s definitely not the case as businesses have discovered to their detriment. A full picture of the cost of a data breach may not have been seen for years. In fact, it can take more than two years for the dust to settle. Around 61% of the cost of a data breach is paid in the first year after impact, But the hits keep coming for two years or more. An estimated 24% of the cost of a data breach comes due in the 12 to 24 months following the incident. Just when you thought you’d taken care of everything, more costly surprises are in store. In fact. the bills for the final 15% of the cost of a data breach can arrive more than two years later – and that doesn’t include regulatory penalties.

But here’s the really scary statistic: an estimated 60% of companies go out of business within six months of a cyberattack. There’s no single factor that causes that result in the wake of a cyberattack and/or a data breach.  The combination of high investigation and remediation costs, lost revenue, penalties and legal bills, extra payroll hours and myriad other expenses is just too much for many businesses to take – especially in this economy. No company can afford to neglect cyber resilience or take precautions like increased security awareness training that could help them survive a cyberattack, or at least minimize the damage.

Fuente: Agent ID