Data Breaches Cost Companies $4.24M Per Incident On Average

The new report also found that breaches cost over $1 million more on average when remote work was indicated as a factor in the event.
Vincent RyanJuly 28, 2021

Companies hit by data breaches are impacted by $4.24 million per incident on average, according to the annual Cost of a Data Breach Report conducted by Ponemon Institute and published by IBM Security. That cost is up 10% from one year ago and is the highest cost in the 17-year history of the report.

The COVID-19 pandemic had a deleterious effect on cybersecurity, with a sudden shift to remote learning and working resulting in 60% of organizations moving their computing needs further into cloud-based services.

Drive Business Strategy and Growth

Drive Business Strategy and Growth

Learn how NetSuite Financial Management allows you to quickly and easily model what-if scenarios and generate reports.

But too many organizations failed to adjust their security needs to these IT changes, and the new report found breaches cost over $1 million more on average when remote work was indicated as a factor in the event.

Furthermore, industries that experienced significant operational changes during the pandemic had disproportionately higher data breach costs, most notably with health care breaches costing $9.23 million per incident, up $2 million from one year earlier.

The financial services industry and the pharmaceutical sector saw their respective data breaches averaging $5.72 million per incident and $5.04 million per incident.

The report also found that 44% of breaches personal data — including name, email, password, and health records — and compromised user credentials were the most common entry point used by cyber miscreants. Breaches resulting from compromised credentials took an average of 250 days to identify.

Regionally, the most expensive data breaches occurred in the U.S. ($9.05 million per incident), followed by the Middle East ($6.93 million) and Canada ($5.4 million).

The new report culled its information from data breaches of 100,000 records or less, experienced by more than 500 organizations worldwide between May 2020 and March 2021.

This story originally appeared on Benzinga. © 2021

Benzinga does not provide investment advice. All rights reserved.

 Image by Darwin Laganzon from Pixabay