Median data breach cost is R36.5m
CYBERCRIME EXPENSES HIT SA COMPANIES: LOST BUSINESS, STAFF TIME FOR RECOVERY
Study says this is the average cost to a hacked SA company.
Each stolen record costs firm R1 792.
Anew global study by IBM Security has found that the average cost to a company’s bottom line of a data breach in South Africa has risen to R36.5 million.
The study found that hidden costs in data breaches, such as lost business, negative impact on reputation and employee time spent on recovery, are difficult and expensive to manage.
Sponsored by IBM Security and conducted by the Ponemon Institute, the 2018 Cost of a Data Breach Study data collection began February 2017 and interviews were completed in April 2018. The study found that the average cost of a data breach in South Africa was up from R32 million in 2017. The average number of breached records found in the 2018 study was 21 090, a 6.3% increase in the size of the average breach.
Based on in-depth interviews with 20 companies that experienced a data breach, the study analysed hundreds of cost factors surrounding a breach, from technical investigations and recovery, to notifications, legal and regulatory activities and cost of lost business and reputation.
“While highly publicised data breaches often report losses in the millions, these numbers are highly variable and often focused on a few specific costs which are easily quantified,” said Wendi Whitmore, Global Lead for IBM X-Force Incident Response and Intelligence Services.
“The truth is there are many hidden expenses which must be taken into account, such as reputational damage, customer turnover and operational costs. Knowing where the costs lie and how to reduce them can help companies invest their resources more straSouth tegically and lower the huge financial risks at stake.”
For the past three years, the Ponemon Institute has examined the cost associated with data breaches of less than 100 000 records, finding the costs have steadily risen. The study also examined factors which increase or decrease the cost of the breach, finding that costs are heavily affected by the amount of time spent containing a breach, as well as investments in technologies that speed response time.
Detection and escalation costs also increased, rising from R9.5 million in 2016 to R11.6 million in 2017 and R12.3 million in the 2018 study. The amount of lost or stolen records also impacts the cost, at R1 792 per lost or stolen record on average –a 9.4% increase from 2017.
Globally, the study calculated the costs associated with “mega breaches” ranging from one million to 50 million records lost, projecting that these breaches cost companies between $40 million and $350 million respectively. In the past five years, mega breaches (of more than a million records) have nearly doubled – from nine in 2013 to 16 in 2017.
This article was first published on TechCentral and has been edited.