Earlier this year, the Ponemon Institute released its annual Cost of a Data Breach Report. Now in its 17th year, the 2021 report stands as a benchmark in the cyber security industry. This year’s report offers insights into cyber breaches from May 2020 to March 2021 alongside recommendations on how to reduce business risk. In this article, we’ll list several key findings from the report as well as highlighting proven security solutions that could help your business.
KEY FINDINGS
The key findings within the report are based on IBM Security analysis of the Ponemon Institute's research data. Some of the most revealing trends include:
- The average cost of a data breach saw the largest single-year increase in seven years, rising by 10% to an all-time high of $4.24 million.
- Remote working and digital transformation due to the global pandemic increased the average cost of a data breach. There was a $1.07 million cost difference where remote work was a factor in causing a breach.
- For the 11th consecutive year, healthcare had the highest average industry cost of a breach. Costs also surged in the public sector.
- Lost business represented the largest share of breach costs at an average total of $1.59 million.
- A customer’s personally identifiable information was the most common type of record lost. It was included in almost half of breaches costing businesses $180 per record.
- Compromised credentials were the most common initial attack vector and were responsible for 20% of breaches.
- The average breach took 287 days to identify and contain. The longer it took to identify, the more costly the breach.
- Compliance failures was the top factor found to increase data breach costs. The failures amplified costs by $2.3 million compared to organisations with high levels of compliance.
- Ransomware continued to be the most expensive type of breach, costing businesses on average $4.6 million.
SOLUTIONS SUCCESSFUL IN REDUCING THE COST OF DATA BREACHES
Within the report, there were several key findings that included success stories. The following security measures helped organisations to reduce the cost of a data breach:
- Incident Response Planning - organisations that had formed incident response teams and tested plans experienced data breach costs that were $2.46 million less than their counterparts.
- Cyber security AI and Automation - organisations with fully deployed cyber security AI solutions and automation decreased the average time to identify and contain data breaches, resulting in an 80% reduction in cost. That is a $3.81 million difference in overall cost.
- Zero-Trust Approach - while only 35% of organisations had implemented a zero-trust security approach, those that had reduced the average cost of a data breach by $1.76 million.
- Cloud Modernisation Maturity - companies that were further along in cloud modernisation maturity, were able to identify and contain breaches 77 days faster than those in the early stages of cloud migration.
RECOMMENDATIONS TO PROTECT YOUR BUSINESS
The 2021 report clearly shows that the cost of a data breach is continuing to rise and the need to mitigate and respond to these threats is more important than ever. To help reduce the risk and cost of a breach, should your business fall victim, the report recommends the following:
- Invest in security orchestration, automation and response to help improve detection and response times.
- Stress-test your incident response plans to increase cyber resilience and optimise your ability to respond quickly and effectively to attacks.
- Adopt a zero-trust security model to prevent unauthorised access to sensitive data.
- Use tools to gain deeper visibility and help protect and monitor endpoints and remote employees.
- Invest in governance, risk management and compliance programs so you can evaluate risk and track compliance.
- Protect sensitive data in cloud environments and reduce the volume of sensitive data that is vulnerable by using policy, data classification and encryption.
- Embrace an open security architecture and managed security services to minimise the complexity of your IT and Security environment.
To find out more about the cost of a data breach read the full report today. If you’d like to assess how vulnerable your organisation is to a data breach get in touch with the Infotrust team for a health assessment.