Cost of Data Breach Ponemon Report 2019
The global average cost of a data breach now stands at $3.92 million, meaning it has increased 1.5 percent from 2018 and up 12 percent since 2014. An organisation is almost one-third more likely to experience a breach within two years than they were in 2014. Data breaches can have a significant and long-lasting impact on organisations. Lost business, regulatory fines and remediation costs result in data breaches having far reaching consequences.
The Cost of a Data Breach Report 2019 – conducted by the Ponemon Institute and sponsored by IBM Security – is based on in-depth interviews with more than 500 companies around the world who experienced a data breach between July 2018 and April 2019.
The report discovers the factors that influence the cost of a data breach and the security measures that can help organisations reduce the financial impact.
The report shows that loss of customer trust had serious financial consequences for the companies studied. Lost business was the largest of four major cost categories that contributed to the total cost of a data breach.
Costs impacted the organisations for years. On average 67 percent of breach costs came in the first year, 22 percent accrued in the second year after a breach, and 11 percent of costs occurred more than two years after a breach.
Causes and Security Measures
In terms of the causes of the breaches, malicious attacks were the most common and most expensive root cause of breaches report says. About one-quarter of breaches cited human error as the root including the “inadvertent insiders” who had been compromised by phishing attacks or had their devices infected, lost or stolen. Cloud migration, IT complexity, and third-party breaches were identified as cost amplifiers.
Extensive use of encryption, data loss prevention, threat intelligence sharing and integrating security into the software development process (DevSecOps) were all associated with lower-than-average data breach costs.
At Cycubix we believe training plays a fundamental role in the prevention of data breaches and in managing a successful cyber security strategy. Our courses are designed to address the dynamic landscape and the broader business context of clients and cover general security awareness, through to practitioner-level training and up to globally recognised cybersecurity certifications.
You can explore the full findings of the Cost of a Data Breach Report here
Cycubix is an (ISC)² Official Training Provider and offers CISSP, CCSP, CSSLP, SSCP trainings.
In addition, we offer custom cybersecurity training, security awareness training, corporate cybersecurity training, cybersecurity consultancy to ensure we adapt to your company’s specific needs. Discover all our cyber security trainings and online cyber security trainings available at Cycubix