In addition to the direct costs of a data breach, nearly half of the total costs occur more than a year after the incident, IBM Security said.
A successful data breach is costly to the affected organization, not only in time, resources and reputation, but also in hard cash. In addition to the costs of detecting, mitigating and cleaning up after a breach, there are long-term costs that can plague an organization for months or even years. A report released Wednesday by IBM Security looks at the impact of data breaches on its bottom line.
To be “Cost of a data breach report 2022IBM Security Ponemon Institute commissioned the analysis of 550 organizations affected by data breaches between March 2021 and March 2022. With more than 3,600 interviews with individuals in the organizations involved, the aim was to determine the immediate and long-term costs of a breach.
Of the organizations analyzed for the study, 85% were victims of more than one data breach during the 12-month period covered by the study. The average cost of a data breach hit a record high of $4.35 million this year, a gain of 2.6% from 2021 and 12.7% from 2020. In the United States, the average cost was $9.44 million, the highest amount of any country also.
The cost of a data leak can also linger. Nearly 50% of the costs analyzed by IBM Security occurred more than a year after the actual breach. In addition, some 60% of organizations experiencing a breach were forced to pass on costs by raising prices to their customers.
Looking at how and why the breaches occurred, 45% of these were cloud-based, 19% were due to a business partner being hacked, another 19% were the result of stolen or compromised credentials, and 16% were caused by phishing attacks.
What business leaders can do to prevent data breaches
To help organizations protect themselves from data breaches, IBM Security offers the following tips:
Implement zero trust security
Amid remote and hybrid working conditions and multi-cloud environments, zero trust can help protect sensitive data and other assets by restricting access. To that end, employees will want to use security tools that can share information between different systems and centralize your security operations.
Protect data in the cloud by using specific policies and encryption
To secure an organization’s cloud-hosted databases, use data classification schemes and retention tools to make it easier for IT departments to see and reduce the amount of sensitive data vulnerable to a breach. Use both data encryption and homomorphic encryption to protect sensitive files. Furthermore, using an internal audit framework can help users measure security risks, better meet compliance standards, and improve the company’s ability to detect and contain a data breach.
Switch to automated security tools
Consider the following tools to improve a company’s security posture:
- Security, Automation and Response (HOVER)
- Security information and event management (SIEM) software
- Comprehensive detection and response (XDR)
All three enable IT departments to respond more quickly to security incidents through automation and integration with existing security products. XDR can also lead to lower costs for data breaches.
Use tools to protect external endpoints and employees
Data breaches where remote working was a factor were more expensive to mitigate than breaches where it wasn’t a factor. For that reason, tools like Unified endpoint management (EMU), Endpoint Detection and Response (EDR) and Identity & Access Management (IAM) can provide a clearer picture of suspicious activity, especially on remote devices and endpoints that your organization does not directly control. All three can speed up the time it takes to investigate and respond to a breach, as well as to isolate and contain it.
Improve security by creating incident response measures.
An effective way to control the costs of a data breach is to build an incident response team and then develop and test a response plan. To learn how to respond more quickly to a breach, perform regular table-top exercises or breach scenarios using a simulated environment. Simulation exercises for opponentsAlso known as red team drills, IT departments can help determine the effectiveness of their response team and identify any gaps in their security capabilities.