Ponemon Institute who conducts research and encourages information and privacy management has presented a Cost of Data Breach report with support of Symantec. The research took over a ten-month period including 1400 individuals including IT professional, compliance, and information security practitioners in 277 organizations in nine countries. All these organizations have experienced data breach by way of compromised records.
Key Findings:
The data breach records were ranging from 1,000 to 100,000 and above this; they do not include any data breach. The research was carried on following topics.
- Frequency of data breach
- Cost of data breach per record
- Cause of data breach
- Factors affecting data breach
- Trends in consumer churn
- Changing trend in occurrence of compromised records
The totals of organizations studied in 277 countries are presented in following table with cost wise data breach as per US currency.
- Australia has recorded highest in data breach with average size of 34249 data breaches.
- Japan has recorded lowest position in data breach with average size of 18237 data breaches.
Take a look at records:
Per capita cost:
The average per capita cost for nine countries was 136USD compare to 130 USD in last year.
Seven factors that affect per capita cost of data breach:
Factors as third party error, lost or stolen devices, and quick notification increased per capita cost of data breach and on contrary, data breach incident response plan, strong security posture, CISO (chief information security officer) appointment can reduce per capita cost of data breach.
Organizational cost of data breach:
- USA and Germany companies have highest organizational data breach cost of $5.4 million and $4.8 million respectively.
- India and Brazilian companies have lowest organizational data breach cost of $1.3 million and $1.1 million respectively.
Cause of Data breach:
The report says that 37% of malicious attack, 29% of system glitch, and 35% of human errors were responsible for data breaches.
Country wise cause of data breach:
Countries recorded with more churn rates:
- France has highest churn rate of 4.4% while Brazil has lowest 2.4% churn rate.
- The more churn rate means the country has chances of reducing the cost of data breach. Moreover, country tried to focus on customer retention, brand value.
Recommendation:
It is in the interest of organization to take immediate steps to prevent further losing due to data breach like:
- Instant stop illegal access and close down the system that was breached.
- Evaluate the situation to lessen the harm.
- Take out preliminary assessment under authorized person’s supervision and collect the data of breached information, cause of breach, harm caused due to breach, and degree of breach.
- Aware of breach either internally or externally to affected person like client, employee, other agencies, or service provider.
- If any investing agency is there, then contact it instantly and never destroy any evidence as it may help agency in investigation.
- Prepare prevention plan for future includes security audit, policy review and procedures, training to employees.
- Evaluate the prevention plan and make sure it has been fully implemented.
We are thankful to Symantec and Ponemon for this useful report. Kindly visit this link for detailed report.