$3.86 million. That’s the average cost of a data breach globally for 2020 according to this year’s IBM Cost of a Data Breach Report. The study looked at over 500 global organizations that had suffered a data breach and interviewed 3,200 security professionals at those organizations. The report covered a lot of different aspects of breaches – from which industry experiences the most expensive breaches (healthcare) to what motivates hackers (money, usually). But the most important insights from the study were the ones that showed us where businesses are struggling the most when it comes to security. We break down what we think are the three most important takeaways and how businesses can address these challenges.
The Biggest Expense Associated with a Data Breach is Lost Business
There are a lot of different components that make up the $3.86 million price tag, but lost business is by far the biggest. Businesses have to deal with other costs – like fines and redressal services, but lost business makes up a whopping 40% of the average costs associate with a data breach.
So, what does that mean for businesses? It means that businesses need stronger incident response plans, plans that make it possible to get the business up and running again as quickly as possible during a breach. According to this very same study, incident response preparedness is actually the highest cost saver for businesses, reducing the average cost of data breach for them by a difference of $2 million. Not sure where to start on building or strengthening your incident response plan? Here are a series of blogs covering what to do to make sure your plan is top-notch.
One in Five Businesses Suffered a Data Breach Due to Stolen or Compromised Employee Credentials
Most businesses struggle with building a strong cybersecurity culture where employees are well-versed in security best practices and secure tools are key to workflow. The report attests to this – hackers regularly gain access to employees’ account information. In fact, 19% of companies that experience a data breach were infiltrated as a result of stolen or compromised credentials. These kinds of breaches are particularly expensive, increasing the average total cost of a breach for these companies by $1 million.
This goes to show just how critical it is that businesses focus on building a strong cybersecurity culture that addresses common poor security practices like weak passwords or falling for phishing attempts. Businesses also should focus on using security tools that make it harder for hackers to infiltrate. Here are some insights on how to bolster your cybersecurity culture.
80% of Breaches Included Some Kind of Personally Identifiable Information (PII)
Whether credit card numbers, social security numbers, addresses, emails or phone numbers, most businesses handle some kind of sensitive information. It’s not surprising, then that the vast majority of breaches include some kind of PII, which costs, on average $150 per record in a breach. But while this might be surprising, it doesn’t have to be this way. People work in increasingly remote workforces, meaning sharing information – including PII – often has to be done electronically. But tools that place that PII at serious risk and make it easy to lose track of your data – like email or standard messaging platforms – don’t have to be the default. Look for tools that make it easy for you to protect PII – even when you’re sharing it and make sure you’re keeping track of where that PII is going and being stored.
We work closely with organizations to make sure that their information is protected at all times, that they stay compliant and that, if a breach hits, they have a way to keep communication running while responding to the incident. Privacy and security is built into everything we do – but don’t just take our word for it. Find out how we put privacy first from Nowsecure.