What is the cost of a data breach? – Upcoming event
14 Oct 2019
The Ponemon Institute recently released their 2019 Cost of a Data Breach Report, in partnership with IBM, highlighting the financial impacts of a cyber security breach and the far reaching business consequences it may set in motion. The report analyses cyber security data from 507 organisations, across 16 continents in 17 different industries, providing new and innovative insights on the financial impacts, root causes and mitigating factors that influence and impact the costs of a data breach globally. (Ponemon, 2019) (Ponemon Institute & IBM Security , 2019 )
The 2019 global average cost of a data breach amounted to R58 million, with the average data breach size comprising of 25 575 records, representing a 1.5% increase from 2018. The increasing regularity and rising costs of cybersecurity breaches is evident when one considers the fact that the average total costs of a data breach in 2014 was recorded as being close to R51 million. This means that there has been a 12% growth in the average costs of a data breach between 2014 and 2019. (Ponemon, 2019)
The report identified that the time between the data breach and its discovery and containment had increased in length as between 2018 and 2019, with the average time for discovery and containment during 2019 increasing to 279 days from 266 days in 2018. It goes without saying that the sooner a breach is identified and contained the less costs are incurred by a company, with approximate costs of R17.8 million hanging in the balance between discovery and containment occurring within or over 200 days since the actual breach (Ponemon Institute & IBM Security , 2019 ).
It was further found that although malicious cyberattacks were the most common and most expensive, unintentional breaches from human error and system glitches remained the primary cause for almost half of the data breaches recorded, costing approximately R48.3 million and R52.2 million respectively. Ponemon Institute & IBM Security , 2019 ).
Further, the report highlighted that out of 26 factors that were analysed and studied as contributing to the overall costs of data breaches, the five that had the most significant impact, increasing costs from R4.3 million to R5.5 million, were third party involvements, compliance failures, extensive cloud migration, system complexity and operational technology. Amongst the 26 factors that were studied, extensive use of encryption, data loss prevention, threat intelligence sharing, and integrating security into software development processes, all significantly reduced costs, either as a preventative measure or in the aftermath of the breach itself. Encryption provided the greatest costs benefit, reducing breach costs by an average of R5.4million. (Ponemon Institute & IBM Security , 2019 )
Given advancements and improvements in hacking techniques, tools and abilities, the chance of an organization experiencing a data breach within the next two years have significantly increased in the last 6 years. In 2014 organisations had a 22.6% chance of suffering a cyber-attack within a two-year period, this has increased to 29.6% in 2019, reflecting an increase of 7%. Thus, organisations have almost a one in three chance today of experiencing a data breach or cyber-attack within a two year period.
Considering the key finding and conclusions iterated by the 2019 Cost of a Data Breach Report and the reported data breaches in South Africa including to Liberty Life during June 2018; ViewFines during May 2018, the South African Deeds Office during November 2017, to mention but a few, (Grove, 2018) (Niselow, 2018), one thing that is clear is that cyber-attacks and the associated data breaches are a reality that organisations of today must prepare for.
Ensure you are prepared by joining Futures Law Faculty, together with IEIT Holdings, Cyberlogic, Cog3nt and Nuventiv, in discussing the importance of Cybersecurity and the ease with which a system can be compromised with Cybersecurity Expert , Prof Cobus Jooste and 16 year old international ethical hacker, Marcus Weinberger on 24 October 2019, 6PM at Inner City Ideas Cartel.
For more information see – www.futureslawfaculty.co.za or to buy tickets –(This article is provided for informational purposes only and not for the purpose of providing legal advice. For more information on the topic, please contact the author/s or the relevant provider.)