According to American multinational technology firm, International Business Machines (IBM), the average global cost of a data breach increased by nearly 10 percent a year to $4.2 million over the last year.
The rise was attributed to remote employment and rapid digital transformation as a result of the COVID-19 epidemic, as per the IT company’s annual Cost of a Data Breach Report 2021.
“Organizations that had more than 50 percent of their workforce working remotely took 58 days longer to identify and contain breaches than those with less working remotely,” the report said.
The IBM study, which was completed independently by the Ponemon Institute in Washington, is based on an investigation of more than 537 real-world data breaches that occurred in 17 different businesses across 17 different regions and nations during the past year.
The US continued to top the list, with average costs of $9.05 million, up from $8.6 million a year ago. It was followed by Saudi Arabia and the UAE at $6.9 million, Canada at $5.4 million, Germany at $4.9 million, and Japan at $4.7 million.
The average overall cost of lost business was $1.6 million. Higher customer attrition, lost revenue due to system outages, and the rising cost of getting new business when a company’s brand has been tarnished was among the factors.
Mr. Hossam El Din, IBM’s general manager for the Middle East and Pakistan noted that “The rapid adoption of digitization in the Middle East has made the region an attractive target for a wide array of cyber threats and this has also been intensified by the pandemic.”
Business email compromise accounted for only 4 percent of breaches, yet it had the highest average overall cost of the ten top attack vectors in the survey, at $5.01 million.
In comparison to 2020, the average total cost of healthcare breaches increased by 29.5 percent to $9.2 million this year. The energy sector fell from second to fifth place this year, with an average attack cost of $4.7 million.
A data breach takes an average of 287 days to detect and contain, broken down into 212 days to identify the intrusion and 75 days to stop it. That means that if a breach happened on January 1, it would take until October 14 to contain it.
Furthermore, IBM added that “Organizations with fully deployed security AI and automation were able to detect and contain a breach more quickly (247 days) than organizations with no security deployed.”