Data breach costs surge to record high in 2021
The average cost of a data breach has risen to $4.24 million per incident globally thanks to technological shifts such as increased remote working and the adoption of cloud technologies.
This is the highest amount in the 17-year history of IBM’s annual data breach costs report, with the average cost of an incident to $4.24 million per incident, a nearly 10% increase over the previous year.
A rapid shift to remote working is among the factors fuelling the rise in data breach costs, with incidents costing on average $4.96 million when remote working was a factor versus $3.89 million otherwise.
Healthcare breaches cost the most by far, at $9.23 million per incident – a $2 million increase over the previous year.
“Higher data breach costs are yet another added expense for businesses in the wake of rapid technology shifts during the pandemic,” said vice president and general manager at IBM Security, Chris McCurdy.
“While data breach costs reached a record high over the past year, the report also showed positive signs about the impact of modern security tactics, such as AI, automation and the adoption of a zero trust approach – which may pay off in reducing the cost of these incidents further down the line.”
Stolen user credentials were the most common cause of breaches in the study, with customer personal data the most common type of information exposed. What’s more, this combination of factors could cause a spiral effect, with breaches of login details providing attackers with the capabilities to launch additional attacks.
In terms of mitigation factors, meanwhile, the study showed that the adoption of AI, security analytics and encryption were among the biggest three mitigating factors that reduced the average cost of a breach. These three would save companies between $1.25 million and $1.49 million compared to those which didn’t have significant usage of these tools.
For cloud-based data breaches, organisations with a hybrid cloud approach had lower data breach costs of $3.61 million. This is against a cost of $4.8 million for those with primarily a public cloud setup and $4.55 for businesses with a primarily private cloud approach.
As IBM’s Chris McCurdy alluded to, organsations that have adopted a zero-trust security model reported being better positioned to handle data breaches. This is because the approach operates on the assumption that user identities on the network itself may already be compromised, and relies on AI and analytics to continuously validate connections between users, data and resources.
© Dennis Publishing
Professional Development for IT professionals
The mission of the Irish Computer Society is to advance, promote and represent the interests of ICT professionals in Ireland. Membership of the ICS typically reduces courses by 20%. Find out more