Healthcare data breaches happen now with an ever hefty price tag — an average mitigation cost of $6.45 million!
According to a recent study on the data breach costs, organizations in the Healthcare domain were found to experience the costliest breach – around 60% more than other industries – for the ninth year in a row. This denotes a 12% rise over the past five years, reflecting the growing complexity of solving illegal cyberattacks.
Breaches Are Costlier Than Ever Before!
The 2019 COST OF A DATA BREACH REPORT by the Ponemon Institute and IBM Security included in-depth interviews with nearly 500 companies over 17 sectors that underwent a data breach in the past years. The global study accounts for cost factors such as security breach detection, post-breach response, lost sales due to downtime, damage caused to reputation, and impact on customer trust.
Data breach costs are on the constant rise across all sectors, and the financial impact is often experienced for years. The cost of a data breach is now around $3.92 million on average across all industries.
However, organizations in extremely regulated environments like healthcare, which have sensitive patient data, felt increased long-tail costs from data security breaches. Healthcare companies spend $429 per lost or stolen record on average, which is up from $408 per the report in 2018. That is approximately three times greater than the cross-industry average of around $150 per lost or stolen record.
Data Breach – Everyone Is Vulnerable
“With organizations facing the loss or theft of over 11.7 billion records in the past 3 years alone, companies need to be aware of the full financial impact that a data breach can have on their bottom line – and focus on how they can reduce these costs” – Wendi Whitmore, global lead for IBM X-Force Incident Response and Intelligence Services, said in a statement.
Here are six key findings from the 2019 Cost of a Data Breach report:
- MEGA BREACHES to MEGA LOSSES! Breaches of over 1 million records are projected to cost businesses $42 million in losses, and those of 50 million records cost companies a projected $388 million.
- Malicious data breaches pose an increasing threat: Malicious breaches cost organizations an average of $4.45 million – nearly $1 million more than those arising from accidental causes like system glitch or human error. These data breaches are a massive threat, as the percentage of malicious cyberattacks over the past six years has crept up from 42% to 51%.
- System glitches give rise to high cybersecurity risks: Human error and system glitches were the ground for nearly half of the inadvertent data breaches, costing businesses around $3.5 million and $3.24 million, respectively.
- Efficiency is the greatest cost-saver: Reports quoted that the average life cycle of a data breach was 279 days (roughly two months longer than the average life cycle across other industries), with the organizations taking around 206 days to recognize a breach after it occurs and an extra 73 days to contain the breach. That said, companies who identified and restrained a data breach in less than 200 days were found to spend $1.2 million lesser on the total cost.
- Be prepared: Having an incident response team in place and extensive testing of data breach response plan, were the best cost-saving factors observed in the study. Companies with both these experienced $1.23 million less in breach costs on average than those with neither measure in place.
- Security automation can reduce breach costs: Businesses that maintained fully deployed security automation technologies experienced an average of $2.65 million, which is nearly half the cost of data breaches for those who had not deployed such technologies.
The consequences of a data breach may range from minimal impact to losses of millions of dollars for companies across all industries. With this in thought, along with the changing regulatory landscape, data breach planning is critically vital and far from optional. For proper planning and response to data breach events, you may seek advice from an experienced cybersecurity company.
Don’t let a simple data breach cripple your hard built business!