Every day, week, or month that passes we in the security community watch company after company get breeched by hackers or make the news with some other large scale security incident. If you work in the enterprise environment, more than likely you work for a company that either has had a large scale security incident or will have one in the future. Some corporations are taking proactive steps to make sure that they are not the next ones to make the news and the number of these corporations is on the rise as study after study shows the direct and in-direct costs that come with a data breach.
IBM recently published a study highlighting the cost of a corporate data breach in 2015 and the results speak for themselves. The study was the product of 1500 interviews spanning 11 countries, 350 companies in 27 industries, and concluded that the average cost of a breach is $3.8 million per breach, per company worldwide. In the healthcare industry in the U.S. that number more than doubles with the average cost of a breach at $6.5 million.
Global Study at a Glance:
• 350 companies in 11 countries
• $3.79 million is the average total cost of data breach
• 23% increase in total cost of data breach since 2013
• $154 is the average cost per lost or stolen record
• 12% percent increase in per capita cost since 2013
US Study at a Glance:
• 62 companies participated
• $6.5 million is the average total cost of data breach
• 11% increase in total cost of data breach
• $217 is the average cost per lost or stolen record
• 8% increase in cost per lost or stolen record
Study link: http://www-03.ibm.com/security/data-breach/index.html
Infographic link: http://www-03.ibm.com/security/infographics/data-breach/
Studies like these are showing C-suite executives the value in adopting new technologies to combat the advanced persistent threats that cost enterprises billions every year. When an enterprise has made the decision to invest in security, one of the areas often overlooked is who will analyze the information these tools capture once put into place. Time and again we have seen retrospective studies that show breaches could have been stopped if the tools they had in place had been properly managed. At Archetype SC we emphasize having policies and procedures in place to prevent, stop, and react to a potential breach or incident. We have experts in all facets of enterprise security and work with organizations to manage their security posture so they do not end up as tomorrow’s headline.