Costs of a Data Breach

The Ponemon Institute LLC’s recent 2018 Cost of a Data Breach study, which examined 477 companies with data breaches in the past year, showed that, while companies who prepare and stay vigilant to data breaches can reduce the costs of a breach, the majority of companies still have not implemented effective preventative measures like encryption, employee training, or reactive measures like incident response teams.

The study found that the average total cost of a data breach rose 6.4% last year to $3.86 million, and the cost of a mega breach—a breach involving more than one million records—equated to an estimated $39.49 million.

That said, companies can take proactive steps to prevent data loss as well as reactive steps to identify and rectify data breaches that can drastically reduce the costs associated with data breaches. Specifically, while the average cost per compromised record is $148, the study concluded that the following practices can decrease those costs:

• creating an incident response team to quickly identify and respond to data breaches (saves $14.00 per compromised record);
• using encryption extensively to ensure data cannot be easily taken (saves $13.10);
• training employees on how to access and handle sensitive data (saves $9.30);
• implementing technology to protect data like data loss prevention tools or artificial intelligence platforms (saves $6.80); and
• engaging in data classification to identify sensitive data needing additional protection (saves $5.10).

TIP: Implementing effective measures to decrease the likelihood of a data breach through training employees, classifying data, and implementing data protection technologies, is the first step in preventing costly data breaches. Creating a plan to identify and respond to data breaches is an equally important second step because a company expeditiously identifying and containing a data breach significantly lowers the costs.