Survey identifies tangible advantages of having a cyber incident response team in place

Published: Thursday, 22 June 2017 07:57

IBM Security has published the results of a global study exploring the implications and effects of data breaches on today's businesses. Sponsored by IBM Security and conducted by Ponemon Institute, the study found that the average cost of a data breach is $3.62 million globally, a 10 percent decline from 2016 results. This is the first time since the global study was created that there has been an overall decrease in the cost. According to the study, these data breaches cost companies $141 per lost or stolen record on average.

Analyzing the 11 countries and two regions surveyed in the report, IBM Security identified a close correlation between the response to regulatory requirements in Europe and the overall cost of a data breach. European countries saw a 26 percent decrease in the total cost of a data breach over last year's study. Businesses in Europe operate in a more centralized regulatory environment, while businesses in the United States have unique requirements, with 48 of 50 states having their own data breach laws. Responding to a multitude of regulatory requirements and reporting to potentially millions of consumers can be an extremely costly and resource-intensive task.

According to the 2017 ‘Cost of Data Breach Study: Global Overview’, ‘compliance failures’ and ‘rushing to notify’ were among the top five reasons the cost of a breach rose in the US. A comparison of these factors suggests that regulatory activities in the US could cost businesses more per record when compared to Europe. For example, compliance failures cost US businesses 48 percent more than European companies, while rushing to notify cost US businesses 50 percent more than European companies. Additionally, US companies reported paying over $690,000 on average for notification costs related to a breach, which is more than double the amount of any other country surveyed in the report.

"New regulatory requirements like GDPR in Europe pose a challenge and an opportunity for businesses seeking to better manage their response to data breaches," said Wendi Whitmore, Global Lead, IBM X-Force Incident Response & Intelligence Services (IRIS). "Quickly identifying what has happened, what the attacker has access to, and how to contain and remove their access is more important than ever. With that in mind, having a comprehensive incident response plan in place is critical, so when an organization experiences an incident, they can respond quickly and effectively."

For the third year in a row, the study found that having an incident response team in place significantly reduced the cost of a data breach, saving more than $19 per lost or stolen record. The speed at which a breach can be identified and contained is in large part due to the use of an incident response team and having a formal incident response plan. Incident response teams can help organizations navigate the complicated aspects of containing a data breach to mitigate further losses.

According to the study, how quickly an organization can contain data breach incidents has a direct impact on financial consequences. The cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than 30 days compared to those that took longer than 30 days. Speed of response will be increasingly critical as GDPR is implemented in May 2018, which will require organizations doing business in Europe to report data breaches within 72 hours or risk facing fines of up to four percent of their global annual turnover.

With such significant cost savings in mind, the study revealed there's room for improvement with organizations when it comes to the time to identify and respond to a breach. On average, organizations took more than six months to identify a breach, and more than 66 additional days to contain a breach once discovered.

Additional key findings:

Download the 2017 Cost of a Data Breach Study: Global Overview (registration required).