The study was sponsored by IBM and conducted by the Ponemon Institute which carried in depth interviews with nearly 400 companies across the globe.
Cybersecurity incidents continue to grow in both volume and sophistication, with 64% more security incidents reported in 2015 than in 2014. As these threats become more complex, the cost to companies continues to rise.
The study found that companies lose USD 158 per compromised record. Breaches in highly regulated industries were even more costly, with healthcare reaching USD 355 per record – a full USD 100 more than in 2013.
According to the study, leveraging an incident response team was the single biggest factor associated with reducing the cost of a data breach – saving companies nearly USD 400,000 on average (or USD 16 per record).
Response activities like incident forensics, communications, legal expenditures and regulatory mandates account for 59% of the cost of a data breach. Part of these high costs may be linked to the fact that 70% of US security executives report they don’t have incident response plans in place.
The study also found the longer it takes to detect and contain a data breach, the costlier it becomes to resolve. While breaches that were identified in less than 100 days, cost companies an average of USD 3.23 million, breaches that were found after the 100-day mark cost over USD 1 million more on average (USD 4.38 million).
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now