January 17, 2022
Alerts & Bugs

Data breach costs at their highest in 17 years, IBM Security study shows – ET CISO

Pune: The average cost of a data breach has risen to a seventeen-year-high of $4.24 million (about Rs 32 crore) in 2021, according to a new study. In India, that figure stands at Rs 16.5 crore.

‘The Cost Of A Data Breach Report’—conducted by Ponemon Institute and sponsored and analysed by IBM Security—was based on an analysis of real-world data breach experienced by more than 500 organisations. The study found that security incidents became costlier and harder to contain due to drastic operational shifts during the pandemic. Such costs rose 10% compared to the pre-pandemic era.

“The rapid shift to remote work witnessed a tremendous disruption of security programs. Organisations were focused on getting online and security became an afterthought,” said Prashant Bhatkal, security software sales leader at IBM Technology Sales India/South Asia.

“India witnessed record high data breach during the pandemic leading to many organisations evaluating their security posture,” he said “It is evident that along with modernisation…comes significantly decreased costs associated with data breaches.”

According to the IBM Security study:

  • A data breach cost over $1 million more when remote work was indicated as a factor.
  • Industries that faced huge operational changes during the Covid-19 pandemic also experienced a substantial increase in data breach costs year-on-year.
  • Data breaches in the healthcare sector cost the most at $9.23 million per incident— $2 million higher than the previous year. Stolen user credentials were the most common root cause of breaches in the study.
  • Customer personal data (name, email address, password, etc.) was the most common type of information exposed in data breaches with 44% of incidents including this type of data.
  • The average mean time to identify a data breach increased from 230 to 239 days and the average mean time to contain a data breach decreased from 83 to 81 days.

“Further, we witnessed organisations with less than 50% remote work adoption took 208 days on an average to identify a data breach and 72 days to contain a data breach,” the study stated. Companies with more than 50% remote work adoption took 271 days on average to identify a data breach and 83 days to contain a data breach.Indian organisations, which are in the mature stages of adopting zero-trust deployment, spent Rs 13.18 crore against each data breach. That figure stood at Rs 19.87 crore for companies that are in the early stages of adopting zero-trust deployment.

Related Posts

Leave a Reply

Your email address will not be published. Required fields are marked *