How much does it cost to recover from an average security breach?

Published: Monday, 21 September 2015 07:15

The average budget required to recover from a security breach is $551,000 USD for large enterprises, and $38,000 for small and medium businesses (SMBS) according to a new report by Kaspersky Lab. Based on a worldwide survey of 5,500 companies conducted in cooperation with B2B International, the survey concluded the most expensive types of security breach are employee fraud, cyber-espionage, network intrusion and the failure of third party suppliers.

Nine out of ten companies that took part in the survey reported at least one security incident, but not all were serious or had led to the loss of sensitive data. Results show that breaches were most frequently the result of a malware attack, phishing, leaks of data by employees and vulnerable software which had been exploited.

Cost estimations provide a new perspective on the severity of IT security incidents and the findings show the outlook for SMBs and enterprises is slightly different. Large companies pay significantly more when a security breach is the result of a trusted third party failure. Other expensive types of breaches include fraud by employees, cyber-espionage and network intrusion. By comparison, SMBs tend to lose a significant amount of money on almost all types of breach, paying a similar high price on recovering from acts of espionage as well as DDoS and phishing attacks.

The average enterprise bill and probability of some of the consequences break down as follows:


Cost (USD)

Probability of consequence

Professional services (IT, risk management, lawyers)

Up to $84,000


Lost business opportunities

Up to $203,000

29 percent


Up to $1,400,000

30 percent

Indirect spend on staffing, training and infrastructure upgrades

Up to $69,000 for enterprises
(Up to $8,000 for SMBs)


Reputation damage

Up to $204,750


The methods used for this survey relied on data from previous years to pinpoint areas where companies have to spend money following a breach, or lose money as a result of a breach. Typically businesses have to spend more on professional services (such as external IT experts, lawyers, consultants, etc.), and earn less thanks to lost business opportunities and downtime.