Press "Enter" to skip to content

Calculate the risk

The 11th annual Cost of Data Breach Study, independently conducted by Ponemon Institute and sponsored by IBM, found that the average total cost of a data breach for the 383 companies that participated, increased from $3.79 to $4 million. The average cost paid for each lost or stolen record containing sensitive and confidential information increased from $154 in 2015 to $158 in this year’s study.

The global study looked at the likelihood of a company having one or more data breach occurrences in the next 24 months, estimating a 26 per cent probability of a material data breach involving 10,000 lost or stolen records.

Seven global megatrends

1 The cost of a data breach has not fluctuated significantly, suggesting it is a permanent cost organisations need to be prepared to deal with and incorporate in their data protection strategies.

2 The biggest financial consequence of a data breach is lost business.

3 Most data breaches continue to be caused by criminal and malicious attacks. These breaches take the most time to detect and contain and as a result, have the highest cost per record.

4 Organisations recognise that the longer it takes to detect and contain a data breach the more costly it becomes to resolve. Over the years, detection and escalation costs have increased. This suggests investments are being made in technologies and in-house expertise.

5 Regulated industries, such as healthcare and financial services, have the most costly data breaches because of fines and the higher than average rate of lost business and customers.

6 Improvements in data governance programs will reduce the cost of data breach. Incident response plans, appointment of a CISO, employee training and awareness programs and a business continuity management strategy, continue to result in cost savings.

7 Investments in certain data loss prevention controls and activities such as encryption and endpoint security solutions are important for preventing data breaches. This year’s study revealed a reduction in cost when companies participated in threat sharing and deployed data loss prevention technologies.

By numbers

383 companies in 12 countries

$4 million is the average total cost of data breach

29% increase in total cost of data breach since 2013

$158 is the average cost per lost or stolen record

15% increase in per capita cost since 2013