UPDATED 06:00 EDT / MAY 27 2015

NEWS

IBM: Data theft is costing companies a fortune

The flurry of large-scale breaches that struck top retailers and banks in 2014 finally helped corporate decision-makers internalize what security professionals has been saying for years: hackers are not only becoming more aggressive but also more sophisticated. Concrete data on the trend, however, has been scarce – until now.

A new survey of 350 recently compromised organizations across a dozen countries carried out by the Ponemon Institute LLC on behalf of IBM reveals that the growing amounts of effort that the black hat community is putting into infiltration attempts is making a substantial impact. The average cost of a stolen record for companies increased from $1.33 million last year to $1.57 million in 2015.

That comes down to about $170 per stolen record, up from a roughly $159 a year ago. That’s an alarming spike to occur in a relatively short 12-month period, but the data becomes even more worrisome when broken down by industry: While low-priority segments such as transportation saw relatively little fluctuation since 2014, companies in areas with greater malicious activity suffered unprecedented damages.

The retail industry took the brunt of the blow, with the average cost of a stolen record soaring from $105 to $165. That’s not so much because a brick-and-mortar franchise is more vulnerable to a breach than anybody else but rather due to the fact that a significant portion of expenses associated with hacking is lost business, which makes consumer-facing organizations more sensitive from a sales standpoint.

Ponemon’s researchers found that the costs incurred from reduced customer acquisition and retention, together with increased marketing spending to recover that confidence, can add up to as much as twice the amount invested in forensic analysis and auditing after a breach. But just as the cost of a stolen record fluctuates across sectors, it also varies by geography.

Consumers in India and Brazil are the least likely to abandon a company due to a breach, which puts the two nations at the bottom of the list for both the total cost of data thefts and the average cost per capita of a stolen record. The first place belongs to the U.S., where companies lose an average of $6.5 million from every incident, more than four times the worldwide average.

The US is only third in regard to the average number of records stolen per attack behind India and the Arabian region, which also carries the dubious honor of topping the chart for the highest percentage of malicious intent in breaches at 56 percent​, compared to the worldwide average of 47 percent.

The latter statistic is perhaps the single most surprising finding of the report in view of the fact that the majority of incidents that apparently aren’t the result of hacking don’t receive nearly as much attention as targeted breaches. That reaffirms the need for corporate decision-makers to invest more in training employees on proper handling of files – another long-time pursuit of the security community – on top of addressing the growing threat from malicious attackers.

Photo by Alexis via Pixabay


A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU