It appears that one of the most regulated industries also holds the title for the highest average data breach costs – coming in at just under $11 million per breach.
For the last 18 years, IBM has provided the world with a view into what organizations go through – and the resulting costs – when remediating a data breach. It’s far more than just stopping an attacker and restoring systems; there are lost business costs, costs associated with detection and escalation of an attack, post-breach response costs, and notification costs.
According to IBM’s Cost of a Data Breach Report 2023, the average data breach costs $4.45 million, with over half (52%) of these breaches resulting in customer data being stolen. And with the customer data in Healthcare falling under regulations with severe penalties, it only makes sense that a data breach is going to cost more. According to the report, data breach costs in Healthcare averaged $10.93 million – more than double the average, and dwarfing the second highest industry (Financial Services) which experienced data breach costs averaging only $5.9 million.
While Healthcare’s nearly $11 million price tag for data breaches is only up 8% from last year’s number, it does represent a 53% rise over the last three years. It’s also the risk value that organizations in that sector should measure the cost of proactive security controls – which includes Security Awareness Training – against when budgeting effective tools that will stop breaches before they ever begin.