Data breaches

Reading Time: 2 minutes

Since a  long time the Cost of a Data Breach Report is produced jointly between Ponemon Institute and IBM Security. The research is conducted independently by Ponemon Institute, and the results are sponsored, analyzed, reported and published by IBM Security.

The Cost of a Data Breach Report is a global report, combining results from 524 organizations across 17 countries and regions, and 17 industries to provide global averages.

Due to pandemic there were rapid shift  to remote work and  leads to enormous data breaches. Organizations were focused on getting online and security become afterthought. Also security leaders struggling to maintain status que or compliance of organization.

The study identify the following trends among companies:

Healthcare breach cost: Healthcare industry topped in average total cost of a data breach with $7.3 million a 10% increase over the 2019 study. Similarly, the energy sector saw a 13% increase from 2019, to an average of $6.39 million in the 2020 study. Overall, 13 of 17 industries experienced an average total cost decline year over year, with the steepest drops coming in media, education, public sector and hospitality.

Stolen credentials: Stolen or compromised credentials were the most expensive cause of malicious data breaches. One in five companies (19%) that suffered a malicious data breach was infiltrated due to stolen or compromised credentials, increasing the average total cost of a breach for these companies by nearly $1 million to $4.77 million. Overall, malicious attacks registered as the most frequent root cause (52% of breaches in the study), versus human error (23%) or system glitches (25%).

Shift to cloud: Misconfigured clouds were a leading cause of breaches. Security complexity and cloud migration cost companies most. Undergoing an extensive cloud migration at the time of the breach increased the average cost of a breach by more than $267,000, to an adjusted average cost of $4.13 million.

Remote work:  The report found that factors such as remote working has a significant impact on data breach response. Nearly 20% of organizations studied reported that remote work was a factor in data breach, and these

Breach up ending costing companies$4.96 million(nearly 15% more than the average breach)

Investment in incident response teams and plans reduced the data breach cost . companies with incident response team that also tested their incident response plan had an average breach cost of $3.25 million.