The global cost of data breaches will rise to $2.1 trillion by 2019, according to market analysts Juniper Research. The report cites the rapid digitization of society as a crucial factor but insists that the role of emergent technologies, such as mobile devices and the Internet of Things (IoT), will be minimal in comparison to established computing devices and network infrastructures.
Since Juniper made that prediction, there have been occasional stories involving IoT devices – including an attack on a university’s lampposts – but established IT frameworks have continued to be the prime target. The reason for the rise, Juniper claims, is that technologies are becoming more prevalent across the world, growing exponentially in urban areas and emerging in less developed areas. This is both creating more targets for attacks and arming more potential cyber criminals.
Millions of Americans have been victims
The United States alone accounted for 47% of the world’s data breaches last year, and a number of recent surveys have looked deeper into the frequency and cost of data breaches. Global think tank RAND, which surveyed Americans about consumer attitudes to data breaches, reports that 28% of respondents (representing an estimated 64 million US adults) said that they had experienced a breach notification in the past year. The average cost of a breach was $500 but figures varied depending on the information that was compromised:
- Health information – $1,000
- Social Security numbers – $1,000
- Credit card information – $500
- Other financial information – $864
This information largely supports a similar study published in January by the Pew Research – although that report says that as many as two thirds of US adults have experienced a data breach.
Breaches cost companies
Not only are data breaches on the rise, the value of lost data is also rising. Another study, this one by Ponemon Institute, looked at the material cost of a breach for businesses worldwide. It reports that the average consolidated total cost of a data breach is $4 million.
It also calculates a dollar amount for each lost or stolen record containing confidential information. The average cost of a single record, it says, is $158 – a four-dollar rise since last year.
In a global and online landscape, protecting information and safeguarding against threats is essential to business growth. In its report, Ponemon Institute listed certain factors that decrease the cost of a data breach, including incident response plans and teams, data encryption, and training employees. Business continuity management involvement or extensive use of data leakage protection also reduced the cost of data breaches, while extensive Cloud migration or breaches caused by third-party error increased the cost.
Establishing cyber risk management can help mitigate breaches. The international standard ISO 27001 sets out a best-practice approach to cyber risk management that can be adopted by all businesses, large or small. Encompassing people, processes, and technology, ISO 27001’s approach to cybersecurity is designed around the results of regular risk assessments, so organizations can mitigate cyber risks in a cost-effective and efficient way.