Data breaches are increasing. Pick up any newspaper and, more often than not, there will be mention of a new data breach. Some are big and some are small, and most go undetected for long stretches of time. So what are the similarities between these data breaches? Other than the aspects such as brand reputation, customer churn and regulatory issues, there is a big financial impact as well. How much? What is the average cost of a data breach? What is the cost per record? Which industries are being impacted? How can this be reduced?

Cyberattacks in the Asia-Pacific region are rising at a particularly high rate. Is your defense in place? The Ponemon Institute’s “2016 Cost of Data Breach Study: Global Analysis,” which was sponsored by IBM, answers these questions and many more.

What Do the Numbers Say?

It is fascinating to see findings of the global data breach report. Some key takeaways included:

  • Health care experienced the most expensive per-record cost of a data breach compared to other industries at $355 per record.
  • About 48 percent of data breaches were caused by malicious attacks from people both inside and outside of the organization.
  • Nearly 25 percent of breaches were associated with human error.
  • The single biggest factor in reducing the cost of a data breach was having an incident response team in place, which decreased the cost by nearly $400,000.

Download the Ponemon Institute 2016 Global Cost of a Data Breach Study

How Does the Asia-Pacific Market Look?

The above findings are based on data collected from organizations across the globe. We can zoom in a little more to see what the numbers look like in the Asia-Pacific region, specifically the two markets of Australia and India.

The report examined 63 organizations across 12 industries, focusing on the time after these companies experienced the loss or theft of protected personal data and had to notify victims and/or regulators as required by law. It is important to note that the costs presented in this research are from actual data loss incidents. They are based on estimates collected over a 10-month period.

Analyzing the costs with which these Asia-Pacific organizations were faced led to some interesting findings:

  • The cost of a data breach is steadily increasing. In India, the average total cost of a data breach increased from 88.5 million Indian rupees in 2015 to 97.3 million rupees in 2016 — a 10 percent spike. Australia, however, bucked the trend, with the cost of data breach falling marginally from $2.8 million in 2015 to $2.6 million in 2016.
  • Certain industries have higher breach costs In India, financial institutions, services, and industrial and technology companies had a per-capita cost well above the mean. In comparison, the public sector and research institutions had a per-capita cost significantly below the mean.
  • Malicious or criminal attacks were the primary root causes of data breaches. More than 41 percent of companies experienced a data breach as the result of malicious or criminal attacks. A similar trend was seen in the Association of Southeast Asian Nations (ASEAN) and Korea. Meanwhile, in India, 35 percent of organizations experienced system glitches, compared to 27 percent in Australia. Twenty-four percent of incidents in India involved employee or contractor negligence (aka the human factor) compared to 27 percent in Australia.
  • Industries with higher breach costs are more vulnerable to churn. In 2016, financial services and technology companies experienced relatively high abnormal churn, and public sector and energy companies experienced a relatively low abnormal churn.

Additionally, based on the India and Australia data, detection and escalation costs increased significantly. Notification costs also increased along with post-breach expenditures. It also led to increased customer acquisition activities, reputation losses and diminished goodwill.

Can the Cost of a Data Breach Be Reduced?

There is a silver lining: Steps can be taken to reduce the cost of a data breach. Here are the top five factors that can help decrease the cost:

  • Having an incident response team;
  • Extensive use of encryption;
  • Participation in threat sharing;
  • Employee security awareness and training; and
  • Appointing a CISO.

Unfortunately, it’s not always possible for an organization to take these measures by themselves because of issues related to people or a lack of security-skilled personnel. There are also obstacles relating to the process, such as having the right security policies in place, and technology, or having the right set of tools to do the job.

While you need to take the right steps to protect your organization from bad actors, you should not miss out on the detection and response aspects as well. These are the three legs of the security tripod.

In most cases, having an external partner with expertise in security is recommended. Look for a partner that has received analyst recognition, with proven capability in the security space and a complete portfolio to address your security needs. Your partner should have trained and certified consultants who can help you. Additionally, having a global presence is an added advantage since you can benefit from the best practices adopted in a different part of world.

As the cost of data breach rises, so should your defense mechanisms. Download the full data breach report today and stay ahead of the curve.

More from Data Protection

Communication platforms play a major role in data breach risks

4 min read - Every online activity or task brings at least some level of cybersecurity risk, but some have more risk than others. Kiteworks Sensitive Content Communications Report found that this is especially true when it comes to using communication tools.When it comes to cybersecurity, communicating means more than just talking to another person; it includes any activity where you are transferring data from one point online to another. Companies use a wide range of different types of tools to communicate, including email,…

SpyAgent malware targets crypto wallets by stealing screenshots

4 min read - A new Android malware strain known as SpyAgent is making the rounds — and stealing screenshots as it goes. Using optical character recognition (OCR) technology, the malware is after cryptocurrency recovery phrases often stored in screenshots on user devices.Here's how to dodge the bullet.Attackers shooting their (screen) shotAttacks start — as always — with phishing efforts. Users receive text messages prompting them to download seemingly legitimate apps. If they take the bait and install the app, the SpyAgent malware gets…

Exploring DORA: How to manage ICT incidents and minimize cyber threat risks

3 min read - As cybersecurity breaches continue to rise globally, institutions handling sensitive information are particularly vulnerable. In 2024, the average cost of a data breach in the financial sector reached $6.08 million, making it the second hardest hit after healthcare, according to IBM's 2024 Cost of a Data Breach report. This underscores the need for robust IT security regulations in critical sectors.More than just a defensive measure, compliance with security regulations helps organizations reduce risk, strengthen operational resilience and enhance customer trust.…

Topic updates

Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today