The cost of a data breach has increased slightly in the last six years on average. Costs are up 10% since 2014 to $3.86 million, according to the annual Cost of a Data Breach Report, published by IBM Security and based on research conducted by the Ponemon Institute.

Three areas in particular proved to have the biggest cost impact for organizations in the study. Take a look at steps organizations can take to mitigate data breach costs, from security automation and a well-trained incident response capability to securing cloud environments.

Behind the Numbers on Protecting Against a Data Breach

Specifically, the difference between costs for the least prepared organizations in the study and most prepared organizations — those with best practices for proactive, responsive security measures — has grown over the past few years.

The study, based on 524 recent global data breaches, found the average cost of a data breach went down slightly since 2019. This statistic hides a key connection. Organizations that had implemented an advanced security program faced significantly lower average data breach costs. Meanwhile, those without such programs struggled with much higher average costs.

In other words, the savings for investing in cybersecurity have increased.

Here are three major factors that most affect the cost of a 2020 data breach.

Security Automation and Incident Response Work

First, the numbers in this year’s report present compelling evidence that having effective, efficient security controls in place to protect against a data breach lowers the cost of an attack.

The report shows security automation has a massive impact on the average cost of a data breach. In this research, security automation means enabling security technologies that augment or replace what IT staff normally do. They include any security solution, such as a SIEM tool, that uses artificial intelligence, machine learning, analytics and automated orchestration.

According to the report’s findings, companies that did not deploy any form of security automation experienced much higher average breach costs and took much longer to identify and contain a breach than those with these technologies fully deployed. The average total cost of a data breach at organizations with fully deployed security automation was $2.45 million, compared with $6.03 million on average for organizations that had not deployed security automation — a difference of $3.58 million.

Incident response (IR) also remained a top cost saver, with trained and tested IR teams contributing to an average $2 million in data breach cost savings.

These benefits increased year over year. In the 2019 report, the cost difference between having no IR team or testing versus a trained and tested team was $1.23 million. The 2020 report’s finding of a $2 million difference was a whopping 63% more than 2019.

Despite these findings, many organizations still don’t have security automation fully deployed. Only one-fifth of organizations in the study had security automation fully deployed. But more and more companies are making the investment in automating their security. The number of organizations having fully deployed security automation increased from 16% in 2019 to 21% in 2020.

The percentage of companies with no security automation decreased from 48% in 2019 to 41% in 2020. Another 38% of organizations in the 2020 study said they had partially deployed security automation. This is an increase from 36% with security automation partially deployed in the 2019 study.

The vast majority of organizations can still take steps to deploy security automation in their organization. Speed up incident response time, and you might also reduce data breach costs.

Time is Still Money When it Comes to Data Breaches

Why are we seeing this increasing gap between lower cost and higher cost breaches? Time is a big factor. Data breach costs correlate to the amount of time it takes to identify and contain the breach (the data breach lifecycle). In 2020, a breach with a lifecycle of fewer than 200 days on average cost an organization only $3.21 million. But for a lifecycle greater than 200 days, the average cost jumps 30% to $4.33 million.

If longer breaches mean higher costs, it follows that speeding up the identification would lead to lower costs. Security automation, which was associated with much lower data breach costs on average, also sped up the detection and containment of breaches. Organizations with no security automation took more than two months longer to identify and contain a breach. (They took 308 days, compared with 234 days.)

Meanwhile, breach costs accrue over a long period of time. Losses from things like customer turnover and regulatory and legal fines can extend breach costs. Only 61% of breach costs occur in the first year on average. Therefore, organizations need to be ready to pay for data breaches for years, not months, after the event.

This changes for highly regulated organizations in industries such as finance and healthcare. In the 2020 study, those highly regulated organizations experienced 44% of costs in the first year and 21% of the cost more than two years later. In less regulated industries, 77% of breach costs accrued in the first year. These groups felt just 8% of costs more than two years after the breach.

Cloud-Based Expertise Pays Dividends

One other trend in this year’s report shows that organizations need to be very aware of their cloud security. Cloud misconfigurations tied for the most frequent source of data breaches, accounting for 19% of the breaches caused by malicious attacks. In addition, organizations that suffered a data breach during a cloud transition had an average breach cost of $4.13 million, or $267,000 higher data breach costs on average.

Cloud environments provide organizations with a myriad of security benefits and can help reduce security system complexity. This, in turn, may speed up response times to incidents. Migrating to the cloud is an absolute win for many organizations, but this study also tells us that companies need to do cloud migration right. Using managed security services was one of the factors that can mitigate the average cost of a data breach.

Discover More in the Cost of a Data Breach Report

The Cost of a Data Breach Report can help you decide where to efficiently allocate your security spend to minimize the costs of a data breach. Register for the report to use interactive tools, explore the data and access key findings and recommendations.
