News: Incident response found to be biggest factor in reducing data breach costs.
When it comes to the old adage ‘time is money’, never has it been more apt than in the cost of a data breach. According to a Ponemon Institute study sponsored by IBM, the average cost of a data breach now stands at $4 million – a huge 29% increase since 2013.
Looking at the UK specifically, the Ponemon report made for slightly easier reading than the global figures, showing that the average cost of a stolen record decreased to £102 from £104. However, the most important figure echoed the global findings with an increase – the average total cost of a data breach was found to be £2.53 million, an increase from 2015’s figure of £2.37 million.
The global study found that cyber security incidents continue to rise in both volume and sophistication, with 2015 seeing a 64% rise in cyber security incidents when compared to 2014. The problem is, as cyber security attacks get more complex and greater in number, the costs rise too. The key to minimising these costs comes down to speed, as the longer it takes to detect and contain a data breach, the more costly it comes to resolve. The study found that breaches identified in less than 100 days cost companies an average of $3.23 million, but breaches found after the 100 day mark cost over $1 million more on average.
The average time to identify a breach in the study was estimated at 201 days, and the average time to contain a breach was estimated at 70 days.
The stats highlight the importance of speed, as well as the team which is key in delivering that speed – incident response.
The study found that having an incident response team saved companies a huge $400,000 on average and was found to be the biggest factor in reducing the cost of a data breach. However, a worrying 70% of US security execs said that they didn’t have an incident response plan in place.
"The amount of time, effort and costs that companies face in the wake of a data breach can be devastating, and unfortunately most companies still don’t have a plan in place to deal with this process efficiently," said Ted Julian, Vice President, Resilient an IBM Company. "While the risk is inevitable, having a coordinated and automated incident response plan, as well as access to the right resources and skills, can make or break how much a company is impacted by a security event."
The UK findings of the Ponemon report made for slightly easier reading than the global figures, showing that the average cost of a stolen record decreased to £102 from £104. However, the most important figure echoed the global findings with an increase – the average total cost of a data breach was found to be £2.53 million, an increase from 2015’s figure of £2.37 million.