Like everything else in this world, data breaches are costing organizations more too.
The industry data available today provides valuable context for organizations looking to understand where to place their focus, budget, and efforts. Executives and IT teams alike are keenly aware of the need for cyber-security initiatives, but often lack the proper defense to stop an attack that results in a data breach.
According to Hiscox, an average of 10.5% of IT budgets are dedicated to cyber-security, but is it enough?
The answer can be found by looking at the alternative – what happens should a data breach occur. Ponemon’s 2018 Cost of a Data Breach report outlines the costs associated with recovering from a breach – these include costs associated with detection and escalation, notification and communication, post-data breach response, and lost business (a detailed list of nearly 20 cost sources is outlined in the report).
The scary thing is, despite organizations taking measures to improve security, the cost of data breaches is only increasing. This year the average data breach cost $3.86 million, which translates to $148 per record stolen. This is a total cost increase of 6.4% over last year’s reported cost. The U.S. had the highest cost per record of $233 (up from $225 in 2017). Healthcare had the highest cost per record at $408 (up from $380 last year).
Nearly every number in the 2018 report is up across the board, highlighting the need for organizations to take a detailed look at the attack methods used and implement effective security measures to counteract attacks. One of the most cost-effective and impactful ways is by securing the one part of the stack that you can’t patch – the user. By leveraging Security Awareness Training, organizations reduce the risk of attack (and, therefore, breach) by 37%!
Your organization already can’t afford a data breach. And, with the costs increasing, it’s high time you take steps to minimize the risk of it happening.