Data breaches are becoming more and more common–especially during the pandemic. They can be detrimental to any business, but the cost of a data breach varies depending on the size and scope. In addition, some industries are more susceptible than others.
Let’s look at the average cost of a data breach and see how you can protect your business from such a loss.
The average cost of a data breach
In this year’s Cost of a Data Breach Report by IBM, the average cost increased from $3.86 million last year to $4.24 million. This is the greatest single-year inflation ever noted in these reports, and broke records for the highest average cost of a data breach in history. The largest portion of this cost was due to lost business (38%).
The report also noted that organizations with a robust cyber security plan in place saw significantly lower breach costs. Businesses that were slacking in areas like cloud security, security AI, and automation saw the highest costs. In fact, there was a whopping 80% cost difference between businesses that implemented automation and security AI, versus those that did not.
It’s also important to note that IBM reported a $1.07 million dollar increase in cost when remote work was a contributing factor in a breach.
Another important metric is the average cost per-record. Simply put, this is the average cost of a single customer’s records becoming lost to a data breach. In 2021, this number came in at $161 per record–a 10.3% increase from 2020. While that was the average, the most expensive type of records were those that contained customers’ personally identifiable information with a cost of $180 per stolen or lost record.
How is cost calculated?
In this report, IBM excluded very large and very small breaches, strictly examining those with anywhere between 2,000 and 101,000 compromised records. They used an accounting method called “activity-based costing” to calculate the average cost of a data breach. This method assigns a cost to activities according to their use. IBM looked specifically at four activities, including:
- Detection and escalation– activities that allow a business to detect breaches
- Notification– activities that allow a business to notify data protection regulators, data subjects, and other third parties
- Lost business– activities aimed at minimizing the loss of revenue and customers
- Post-breach response– activities aimed at helping breach victims communicate with the business and compensate for the loss
Effects on the healthcare industry
The healthcare industry has held the record for the highest cost per breach for 11 consecutive years now. Their costs have risen by 29.5% since last year, bringing their average cost per breach to $9.23 million. That’s nearly three times the average for all other industries.
The healthcare industry has been a prime target of hackers in recent years for a myriad of reasons, specifically their access to large amounts of valuable data like credit cards and social security numbers. This makes them an ideal target along with banks, who are regularly enhancing their security measures following the rise in cyber crime.
How to protect your business
It’s always best to be prepared for any potential security breach that may come your way–especially in today’s world where cyber crime is becoming more prevalent than ever.
The majority of the breaches analyzed in this report were caused by business email compromises, phishing, malicious insiders, and social engineers. However, at least ⅕ of the breaches were caused by compromised credentials.
Using strong passwords and a password manager like Dashlane are some of the best ways to protect yourself from a data breach. To learn more about how to enhance your cyber security, check out this blog post on what your business should be doing to keep itself safe from hackers.
If you’ve got concerns about the security of your website, contact Bizzuka. We’ll help you evaluate your environment, and if we can’t help you, we have partners we can connect you with that can.