- A data breach now costs organizations an average total of $3.8 million, up 23% from 2013, according to a Ponemon Institute report sponsored by IBM.
- The study, which looked at 350 companies in 11 countries, found the average cost of a stolen record to be $217 in the United States. NB: That figure is not controlled for industry. The worldwide per capita cost of a stolen record in the healthcare industry is $363, making it the most expensive industry for breach.
- The study also found that 49% of breaches in the U.S. are the result of criminal attack, rather than human error or a system glitch.
What factors mediate the cost of a breach? According to the study, an incident response team can create over $12 in per-capita savings. Extensive use of encryption, employee training, BCM involvement, a CISO appointment, board-level involvement and insurance protection can all have a positive impact on the cost of stolen records.
On the other side of the scale, the engagement of consultants, rush to notify, lost or stolen devices and third-party involvement actually had a negative impact on the cost of a breach—they raised the per-record cost to as much as $16 (third-party involvement).