Data breaches are becoming increasingly problematic for companies - not only are they becoming more common, they are also becoming more costly. IBM Security and Ponemon Institute released a study this month that estimates the cost of the average data breach is now at $4 million, a 29% increase from 2013. The consequences of a data breach vary dramatically among different industries, with regulated industries facing the highest costs. Healthcare organizations lose an average of $355 per stolen record while the cost to the average public sector company is only $80.
In North America, most breaches are caused by a malicious or criminal attack, as opposed to a system glitch or human error. Unfortunately, the average costs for malicious and criminal attacks are higher as they take they most time to detect and contain. According to the study, this is particularly enhanced in Canada; of the twelve countries included in the study Canada faces the highest detection costs. That being said, the most significant cost to organizations is the loss of business and their customers’ trust.
Data breaches are part of the larger issue of cyber security. In recent years there have been hacks of major social media outlets such as LinkedIn and Twitter. Though the impact on individuals is more difficult to quantify there is still undoubtedly a cost. Just as individuals should take steps to use secure passwords and change them frequently, organizations must adapt to the increase in breaches and costs. Data loss prevention controls such as encryption can guard against a breach. Companies should also take steps to minimize costs in the event of a breach by implementing incident response plans and teams. Though data breaches are an inevitable risk of doing business, the risk can be minimized.