what does a data breach cost?
TRANSCRIPT
WHAT DOES A
COST?
Assessing the risk of a data breach is the �rst step toward preparing your defensive strategy. Learn what factors a�ect the cost of a data breach and what you can do to mitigate the damage.
of experiencing a data breach involving 10,000 or more lost or stolen records.
The average company has a
1 4CHANCE
IN
Globally the average cost ofa data breach is
4MILLION
$
The average data breach in 2016 was 29% more costly than just 3 years previous.
AVG. COST PER RECORD
158$137$
AVG. COST PER BREACH
mil4$mil3.1$
AVG. RECORDS COMPROMISED
23,83422,627
This cost may be be higher or lower depending on where you are.
mil7$mil5$
mil
AVG. COST PER BREACH (2016) $4million
1.8$mil1.6$
GERMANY
USA
S. AFRICAINDIA
WHAT MAKES UP THE COST OF A
While mostly dependent on the number of records lost, the overall cost of a breach can be broken down into 4 main components.
DETECTION &ESCALATION
OTHERNOTIFICATION
RESPONSE
LOSTBUSINESS37%
25%25%
8%5%
COST OFBREACH
DETECTION & ESCALATION COSTSForensics, investigation, assessments and audits, crisis management and internal communication.
MILLION1.01$
MILLION1.02$
RESPONSECOSTSHelp desk activities, special investigations, legal expenses, identity protection services, etc.
MILLION1.51$
LOST BUSINESS COSTSAbnormal customer churn and increased customer acquisition activities in the face of reputation loss and damaged goodwill.
THOUSAND165$
NOTIFICATIONCOSTSCreating contact databases, compliance with regulatory requirements, and the cost of postal and electronic communication systems.
2 FACTORS IMPACT THE COST PER RECORD OF A DATA BREACH:
TYPE OFINDUSTRY
TIME TODETECTION &CONTAINTMENT
HEALTHCAREEDUCATIONRETAILCOMMUNICATIONSENERGYTECHNOLOGYTRANSPORTATIONPUBLIC
355$
246$
172$
164$
148$
145$
129$
80$
COST PER RECORDBY INDUSTRY
3.18MILLION
30DAYS
$ 4.35M I L L I O N
30DAYS
$
TOTAL AVERAGE COSTBASED ON TIME TO CONTAIN
HOW TO MITIGATETHE COST OF A
IT Teams can make signi�cant impact in lowering the cost of security breaches by improving their ability to prevent, detect, and respond.
THE MOST SIGNIFICANT FACTORS THAT REDUCE THE COST OF SECURITY BREACHES:
ENCRYPTION
INCIDENTRESPONSE PLANS
DATA LOSSPREVENTION CONTROLS
TRAINING & AWARENESS
PER CAPITA COST REDUCTION BY FACTOR
8$
13$
16$
9$DA
TA LO
SSPR
EVEN
TION
ENCR
YPTI
ON
INCI
DENT
RES
PONS
E PL
ANS
TRAI
NING
&AW
AREN
ESS
TRAINING AND CERTIFICATION ALLOW IT TEAMS TO REDUCE COSTS BY QUICKLY DETECTING AND ADDRESSING SECURITY BREACHES.
Certi�ed IT sta� evaluate and respond rapidly to security attacks 26% more often.
NOT ALL BREACHES ARE THE RESULT OF
MORE THAN HALF OF ALL BREACHES ARE THE RESULT OF HUMAN OR SYSTEM
TRAINING REDUCES THE LIKELIHOOD OF HUMAN ERROR, AND PREVENTS MALICIOUS ATTACKS.
AN INVESTMENT IN TRAINING CAN PREVENT THE SIGNIFICANT EXPENDITURES ASSOCIATED WITH DATA LOSS OR THEFT.
Network resources managed by certi�ed sta� are in compliance with industry security policies for access control 10% more often.
Well-trained information security teams were on average 10% more productive than their peers, and account for an average gain of $70,000 in annual improvements.
Prepare your team to prevent security issues, starting with these
CBT Nuggets training courses.
CompTIA Security+
Cisco CCNP Security
Certi�ed Information SystemsSecurity Professional
with trainer
Keith Barker
Identify risk, provide infrastructure, application information, and operational security.
Integrate an IPS, firewall components, and cloud/email security solutions.
Learn security strategies and solutions for industries from banking and financial to government and public utilities, as well as high-tech and hospitality.