Data breach cost hits record 17-year high: IBM Security

The global average cost of containing a data breach has hit a 17-year high of $4.24 million (close to Rs 32 crore), IBM Security said in its annual Cost of a Data Breach report. 

According to the Armonk, New York-based technology company, security incidents have become costlier and more difficult to contain due to the drastic operational shifts – migration to remote working and cloud infrastructures – stemming from the pandemic.  

In the Indian context, the average cost of addressing a security incident has risen by more than 10% to $2.21 million (Rs 16.50 crore). 

The study, conducted by Ponemon Institute and analysed by IBM Security, looked at data breaches experienced by a total of 537 global organisations between May 2020 and March 2021.  

Indian organisations made about 9% of this sample, with each breach witnessed by the companies compromising about 27,966 records on an average. 

As per the report, companies in the country that were in the mature stages of adopting zero trust deployment had to spend about $1.77 million (Rs 13.18 crore) to contain their breach while those early stages witnessed a cost of about $2.67 million (Rs 19.87 crore). 

“...it is evident that with modernization, including the adoption of AI, security analytics, and applying a zero-trust approach, comes significantly decreased costs associated with data breaches,” Prashant Bhatkal, security software sales leader at IBM Technology Sales, India/South Asia, said while commenting on the report. 

The study further notes that Indian organisations that had more than 50% of workforce working remotely took 271 days on an average to identify a breach and 83 days to address it.  

Meanwhile, organisations with less than 50% remote work adoption took just about 208 days to identify an incident and 72 days to contain it. 

Globally, the average cost of a data breach was also over $1 million more when remote work was indicated as a factor in the event. Most of the incidents assessed for the study were carried out through stolen credentials. And, a significant 44% of the breaches compromised personal user information such as their name, email, and password. 

"The rapid shift to remote work witnessed a tremendous disruption of security programmes. Organisations were focused on getting online and security became an afterthought. India witnessed a record high in data breach during the pandemic leading to many organisations evaluating their security posture,” Bhatkal added. 

Among other things, the report states that the industries which faced massive operational changes during the pandemic saw a significant year-on-year increase in the cost of containing breaches.  

Healthcare, in particular, was the most affected one, with each incident costing about $9.23 million (Rs 68 crore) on an average.