A recent report by IBM Security has estimated that data breaches cost companies an average $4.24 million per incident. In India, the average cost of a data breach was pegged at Rs 16.5 crore in 2021, which was an increase of 17.85 percent compared to last year. The Data Breach Report, an annual compendium of data breach trends, was analysed by IBM Security and prepared by the Michigan-based Ponemon Institute.
The data breach report analysed over 500 organisations that experienced such break-ins. It was reported that security incidents were getting harder to contain due to drastic operational shifts during the pandemic. Further, there was a 10 percent escalation in cost due to security breaches compared to 2020.
The report found that the time taken to detect and contain a data breach was 287-212 days and 75 days, respectively. A mega breach would cost an average $401 million. The healthcare, financial and pharmaceutical sectors bore the brunt of data breaches at an estimated cost of $9.23 million, $5.72 million and $5.04 million, respectively during the COVID-19 pandemic.
The US had the highest data breach cost at $9.05 million per incident followed by the Middle East at $6.93 million and Canada at $5.4 million.
Prashant Bhatkal, Security Software Sales Leader, IBM Technology Sales, India/South Asia, said, "India suffered a higher number of data breaches at the time of pandemic. This has resulted in many organisations evaluating their security architecture.”
The Ponemon Institute study identified the following trends across the organisations it had analysed.
Remote work impact
: The cost of breaches made organisations spend over $1 million more on an average when remote work was started, compared to work from office or on-site. Expenses on security measures for remote work cost an organisation $4.96 million, compared to $3.89 million in a more traditional setup.
Healthcare: Healthcare sector breaches had cost the most during this pandemic at $9.23 million per incident. This was a $2-million increase over the previous year. Other industries that were affected included retail, hospitality, consumer goods manufacturing and distribution.
Stolen user credentials: Over 44 percent of breaches saw a customer’s personal data being exposed. The loss of a customer’s personal identifiable information (PII) also cost companies heavily.
AI helps: Artificial intelligence (AI), security analytics, and encryption were the top three mitigating factors shown to reduce costs of a breach. Deploying AI would have saved companies between $1.25 million and $1.49 million, compared to companies who did not opt for these tools.
Cloud computing: Cloud-based data organisations implementing a hybrid cloud approach had lower data breach costs, pegged at $3.61 million, compared to primarily public cloud or private cloud that had a cost of $4.80 million and $4.55 million, respectively.
(Edited by : Shoma Bhattacharjee)
First Published: IST