IBM Security Data Breach Study: Malicious Attacks Increase

The average data breach costs a whopping $3.92 million, according to the latest IBM study.

IBM Security just released its 2019 Cost of a Data Breach Report. The company concluded that the average data breach cost has increased 12% since 2014 as a result of increased regulation, and complex and longer-lasting resolution processes.

The Ponemon Institute surveyed 500 data breach victims, which varied in size and industry. One-half (49%) of the incidents stemmed from human error and system glitches. Incorrectly configured servers caused more records to be lost in 2018 than any other factor, according to IBM’s X-Force Threat Intelligence Index.

Malicious attacks, on the other hand, claimed more than $1 million than did accidental causes on average, and they are increasing in number. Cybercriminal-driven incidents have increased from 42% to 51% over the last six years.

IBM’s Wendi Whitmore

“Cybercrime represents big money for cybercriminals, and unfortunately that equates to significant losses for businesses,” said Wendi Whitmore, global lead for IBM X-Force Incident Response and Intelligence Services. “With organizations facing the loss or theft of over 11.7 billion records in the past three years alone, companies need to be aware of the full financial impact that a data breach can have on their bottom line — and focus on how they can reduce these costs.”

SMBs suffered massive losses of $2.5 million on average, which could be up to 5% of their annual revenue. American companies lost twice as much money ($8.19 million) than their global peers. Health care remained the biggest loser for the ninth consecutive year.

There’s hope, however, for companies that implement more security measures.

The survey found that companies equipped with an incident response team and extensive incident response testing lost $1.23 million less than their peers. The average breach life cycle lasted more than nine months (279 days), but the companies that contained the breach within 200 days saved $1.2 million. Encryption also helped reduce the total cost of a breach by $360,000, according to IBM.

IBM published an infographic with statistics from the study.

Channel Partners analyzed results from the Verizon Data Breach Investigations Report back in May. The report suggested that companies are getting better at minimizing phishing attacks.