SOARing Costs? Considering Data Breach Economics

Consisting of analysis from 524 organizations that experienced data breaches between August 2019 and April of 2020, the Cost of Data Breach Report 2020 from the Ponemon Institute shares key information, findings, and data points harvested from more than 3,200 interviews on areas ranging from global data breach costs to data breach lifecycles in influential countries and industry sectors.

en flag
nl flag
et flag
fi flag
fr flag
de flag
pt flag
ru flag
es flag

Content Assessment: SOARing Costs? Considering Data Economics

Information - 95%
Insight - 95%
Relevance - 95%
Objectivity - 95%
Authority - 100%

96%

Excellent

A short percentage-based assessment of the qualitative benefit of the post highlighting the July 2020 published report of data breach costs by the Ponemon Institute.

Editor’s Note: Based on the increased pulse rate of reported data breaches in today’s connected world, more organizations than ever before are evaluating and investing in security orchestration, automation, and response (SOAR) solutions to help minimize costs and mitigate risks associated with breach detection and response times. As data and legal professionals operating in the eDiscovery ecosystem seek to understand the market impact and opportunities driven by the cost of data breaches, they may benefit from the salient cybersecurity-centric research shared in the Cost of Data Breach Report 2020 as prepared by the Ponemon Institute and published in July of 2020 by IBM Security. 

Cost of a Data Breach Report 2020 (Ponemon Institute)

Selected Data Points from the Report

Consisting of analysis from 524 organizations that experienced data breaches between August 2019 and April of 2020, the Cost of Data Breach Report 2020 from the Ponemon Institute shares key information, findings, and data points harvested from more than 3,200 interviews on areas ranging from global data breach costs to data breach lifecycles in influential countries and industry sectors. Eight data point areas from the 2020 report that may benefit those considering and constructing cost and opportunity models for data breach-related data and legal discovery offerings are highlighted below for consideration.

  • The average cost of a global data breach was $3.86 million. However, the total cost of a data breach in the United States was $8.64 million.
  • Data breach average total costs generally can be divided into four categories. Those categories being lost business costs, detection and escalation costs, notification costs, and ex-post responses.
  • Lost business continued to be the largest contributing cost factor of a global data breach, accounting for nearly 40% of the average total cost of a data breach—this amount equated to approximately $1.52 million per data breach. However, lost business from a data breach in the United States, using the 40% business loss benchmark, equated to approximately $3.45 million per data breach.
  • The average cost of a global data breach across seventeen industry sectors ranged from $7.13 million for the healthcare industry, the highest of all sectors, to $1.08 million for public sector organizations. Healthcare, energy ($6.39 million), financial ($5.85 million), pharma ($5.06 million), and technology ($5.04 million) sectors were the five sectors with the highest cost per data breach.
  • Customer’s personally identifiable information (PII) was the most frequently compromised type of record, and the costliest in the data breaches studied. The average cost per compromised record containing PII was $150. Additional costs per record of compromised data include other corporate data ($149), intellectual property ($147), anonymized customer data ($143), and employee PII ($141).
  • The average time to identify and contain a data breach globally was 207 days to identify a breach and 73 days to contain a breach, for a total time of 280 days. In the United States, the average time to identify and contain a data breach was 186 days to identify a breach and 51 days to contain a breach, for a total time of 237 days.
  • Incident response (IR) preparedness was the highest cost saver for businesses. The average cost of a data breach for companies with an IR team and a tested IR plan was $3.29 million. This average cost was $2.0 million lower than experienced by companies with neither an IR team nor a tested IR plan.
  • Types of costs recovered using cybersecurity insurance include but are not limited to consulting and legal services, restitution to victims, regulatory fines, recovery technology, and ransomware and extortion. In these cost recovery areas, 51% of organizations with cyber insurance used claims to cover third-party consulting and legal services costs.

For more information from one of the leading benchmark tools in the cybersecurity industry, the Cost of Data Breach Report 2020, you can access, consider, and download the complete report from IBM Security at https://www.ibm.com/security/digital-assets/cost-data-breach-report/#/.

Additional Reading

Source: ComplexDiscovery

 

Research and Publishing Support for ComplexDiscovery

The publication, ComplexDiscovery, launched in early 2010, continues to expand in the breadth and depth of its industry coverage. As our industry readership and content leadership have grown, our research and publishing costs have also continued to grow. With our growth and the related costs of supporting our growth in mind, ComplexDiscovery kindly asks you to support our research and publication efforts by becoming a member of the ComplexDiscovery community.

We offer three levels of membership to those interested in supporting our efforts. All memberships are available on a monthly or annual basis through Steady, our European-founded platform for independent publishers. Feel free to chose your membership level today to support our continued independent publishing of content ranging from carefully selected and highly curated public domain content to independent research and reports. From quarterly business confidence surveys to annual market sizing reports, support our efforts today with your contribution.

Have a Request?

If you have information or offering requests that you would like to ask us about, please let us know and we will make our response to you a priority.

ComplexDiscovery is an online publication that highlights data and legal discovery insight and intelligence ranging from original research to aggregated news for use by business, information technology, and legal professionals. The highly targeted publication seeks to increase the collective understanding of readers regarding data and legal discovery information and issues and to provide an objective resource for considering trends, technologies, and services related to electronically stored information.

ComplexDiscovery OÜ is a technology marketing firm providing strategic planning and tactical execution expertise in support of data and legal discovery organizations. Registered as a private limited company in the European Union country of Estonia, one of the most digitally advanced countries in the world, ComplexDiscovery OÜ operates virtually worldwide to deliver marketing consulting and services.

SPAC Attack? Cellebrite Moves Toward Becoming a Public Company

According to Adam Clammer, Chief Executive Officer of TWC Tech Holdings,...

Cobra Legal Solutions Receives Investment from Blue Sage Capital

According to Eric Weiner, Partner at Blue Sage, “We are excited...

eDiscovery Mergers, Acquisitions, and Investments in Q1 2021

From Relativity and Reveal to Compliance (System One) and Veristar, the...

Cyber Risk and Reward? Kroll Acquires Redscan

According to Redscan CEO, Mike Fenton, “Merging Redscan’s innovative culture and...

A New Era in eDiscovery? Framing Market Growth Through the Lens of Six Eras

There are many excellent resources for considering chronological and historiographical approaches...

An eDiscovery Market Size Mashup: 2020-2025 Worldwide Software and Services Overview

While the Compound Annual Growth Rate (CAGR) for worldwide eDiscovery software...

Resetting the Baseline? eDiscovery Market Size Adjustments for 2020

An unanticipated pandemeconomic-driven retraction in eDiscovery spending during 2020 has resulted...

Home or Away? New eDiscovery Collection Market Sizing and Pricing Considerations

One of the key home (onsite) or away (remote) decisions that...

Five Great Reads on eDiscovery for March 2021

From data breach economics and vulnerabilities to private-equity investments and vendor...

Five Great Reads on eDiscovery for February 2021

From litigation trends and legal tech investing to facial recognition and...

Five Great Reads on eDiscovery for January 2021

From eDiscovery business confidence and operational metrics to merger and acquisition...

Five Great Reads on eDiscovery for December 2020

May the peace and joy of the holiday season be with...

Cobra Legal Solutions Receives Investment from Blue Sage Capital

According to Eric Weiner, Partner at Blue Sage, “We are excited...

Corporation Z? Zapproved Releases of ZDiscovery Platform

According to the announcement, Monica Enand, Zapproved Founder and CEO, shared,...

Head in the Clouds? CloudNine Releases Review Updates

According to Tony Caputo, CEO of CloudNine, “CloudNine is 100% dedicated...

Threading the Needle? Epiq Launches Unified Digital Client Experience

According to the announcement, Epiq Access is available globally and provides...

A Warming Optimism? Spring 2021 eDiscovery Business Confidence Survey

The eDiscovery Business Confidence Survey is a nonscientific quarterly survey designed...

Cold Weather Catch? Predictive Coding Technologies and Protocols Survey – Spring 2021 Results

The Predictive Coding Technologies and Protocols Survey is a non-scientific semi-annual...

Out of the Woods? Eighteen Observations on eDiscovery Business Confidence in the Winter of 2021

In the winter of 2021, 85.0% of eDiscovery Business Confidence Survey...

Issues Impacting eDiscovery Business Performance: A Winter 2021 Overview

In the winter of 2021, 43.3% of respondents viewed budgetary constraints...