The price tag is higher if the incident exposed customer data or if it was the result of a malicious attack, an annual IBM study finds
The average cost of a data breach has declined by 1.5% year-over-year, costing companies US$3.86 million per incident, according to IBM’s 2020 Cost of a Data Breach Report. The annual study analyzed data from 524 organizations that, while being based in 17 countries and regions and operating in 17 industries, have one thing in common – each of them has suffered a security breach over the past year.
For the first time this year, the study, conducted by IBM Security and the Ponemon Institute, broke down the costs per types of compromised records, which include customer personally identifiable information (PII), employee PII, and intellectual property (IP).
The analysis found that customer data was by far the most-commonly compromised type of record with 80% of breached organizations saying that customer PII was affected. “While the average cost per lost or stolen record was $146 across all data breaches, those containing customer PII cost businesses $150 per compromised record,” said the report.
However, the financial fallout also varied depending on a range of other factors. For example, if the breach was caused by a malicious attack, the cost went up to US$175. Meanwhile, if the incident impacted anonymized customer data, the average cost was US$143 but increased to US$171 if it was the result of a malicious attack.
Malicious attacks were behind most breaches (52%), with system glitches (25%) and human error (23%) coming in a distant second and third, respectively. “Alongside stolen or compromised credentials, misconfigured cloud servers tied for the most frequent initial threat vector in breaches caused by malicious attacks, at ..
Support the originator by clicking the read the rest link below.
