Data Breach Costs Rise

Wednesday, October 15, 2014 @ 03:10 PM gHale

Cleanup and resolution of a breach takes an average time of one month to complete and it costs a large organization $20,000 per day to clean up and remediate.

To add it all up, the price tag for a data breach now at $639,462, a new Ponemon Institute report found.

Security Training Means Less Incidents
Breach Alert: Critical Infrastructure at 70%
Data Breaches: Not Learning from History
Sounding Off on Internet of Things

That’s an increase of 23 percent over last year, said Larry Ponemon, chairman and founder of the Ponemon Institute, whose 2014 Global Report on the Cost of Cyber Crime, an annual look at what organizations end up paying after a breach.

Ponemon, which surveyed 257 large companies in seven countries, measured the costs of more than 1,700 attacks suffered by the firms. The average cost of an attack is $639,462, according to the report.

The average cost of cybercrime per company in the U.S. was $12.7 million this year, according to the Ponemon report, and U.S. companies on average end up hit with 122 successful attacks per year.

Globally, the mean annualized cost for the surveyed organizations was $7.6 million per year, ranging from $0.5 million to $61 million per company. Small organizations have a higher per-capita cost than large ones ($1,601 versus $437), the report found.

Some industries incur higher costs in a breach than others, too. Energy and utility organizations incur the priciest attacks ($13.18 million), followed closely by financial services ($12.97 million). Healthcare incurs the fewest expenses ($1.38 million), the report said.

Malicious insider attacks cost the most for an organization ($213,542) and are the rarest form of attacks, the report said. DDoS attacks are a close second in cost ($166,545), according to the report.

Business disruption is the highest external cost, followed by information loss. Internally, detection is the priciest, the report said.

“Attackers only need one shot to gain access to an organization’s data, which could result in a huge financial impact for the organization as well as reputational damage,” Ponemon said. “It is critical for organizations to take preventative measures and invest in the security of their organization, as that investment could significantly decrease any financial losses that could occur from a public security breach.”

Leave a Reply

You must be logged in to post a comment.