Light Dark
July 6, 2017 By Maria Battaglia 2 min read
Incident Response

What impact do security breaches have as the cyber landscape continues to evolve? IBM Security and the Ponemon Institute explore this question in their research: The 2017 Cost of a Data Breach Study. This annual study provides security leaders with an industry benchmark for assessing and mitigating their data breach risks.

What was one of the most significant findings? For the third year in a row, having an incident response (IR) plan stood out as the top factor for saving costs on data breaches for organizations across the globe.

Download the complete Ponemon Institute 2017 Cost of Data Breach Study

A Million Dollar Idea: Incident Response Plans

Having an IR plan deployed throughout the organization was found to be the most significant cost-saving strategy. An incident response plan and a fully functional team decreased the per capita cost of a data breach from $225 to $199. In fact, organizations that can contain a breach in less than 30 days can save roughly $1 million — not to mention what they save in negative brand impact.

What were the other attention-worthy findings in the study? Factors that save costs on data breaches are employee training, participation in threat sharing and having board-level involvement in the overall security process. However, failing to be compliant was one of the biggest drivers for increasing costs for the average data breach.

Moving Up: Positive Security Trends

The study also highlighted some positive security trends. The global average cost of a data breach is down 10 percent over previous years, from $4 to $3.62 million. The average cost for each lost or stolen record also significantly decreased from the year before, from $158 to $141.

What impacted these results? A strong U.S. dollar, which contributed to the decline in overall cost. Despite this drop, the cost of a breach in the U.S. went up from $7.01 to $7.35 million — an increase of 4.9 percent. Companies in the 2017 study also experienced larger breaches, with the average size of the data breaches increasing 1.8 percent.

To learn more about the average cost of a data breach, key factors that increase costs (and the strategies to keep them down), download the 2017 Cost of a Data Breach Study. For more on effective IR and cyber resilience, download our study, Cyber Resilience in the Modern SOC: Why Detection and Prevention Is Not Enough.

 |  | 
Maria Battaglia
CMO, IBM Resilient

More from Incident Response
October 6, 2023

X-Force uncovers global NetScaler Gateway credential harvesting campaign

6 min read - This post was made possible through the contributions of Bastien Lardy, Sebastiano Marinaccio and Ruben Castillo. In September of 2023, X-Force uncovered a campaign where attackers were exploiting the vulnerability identified in CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user credentials. The campaign is another example of increased interest from cyber criminals in credentials. The 2023 X-Force cloud threat report found that 67% of cloud-related…

September 27, 2023

Tequila OS 2.0: The first forensic Linux distribution in Latin America

3 min read - Incident response teams are stretched thin, and the threats are only intensifying. But new tools are helping bridge the gap for cybersecurity pros in Latin America. IBM Security X-Force Threat Intelligence Index 2023 found that 12% of the security incidents X-force responded to were in Latin America. In comparison, 31% were in the Asia-Pacific, followed by Europe with 28%, North America with 25% and the Middle East with 4%. In the Latin American region, Brazil had 67% of incidents that…

August 31, 2023

Alert fatigue: A 911 cyber call center that never sleeps

4 min read - Imagine running a 911 call center where the switchboard is constantly lit up with incoming calls. The initial question, “What’s your emergency, please?” aims to funnel the event to the right responder for triage and assessment. Over the course of your shift, requests could range from soft-spoken “I’m having a heart attack” pleas to “Where’s my pizza?” freak-outs eating up important resources. Now add into the mix a volume of calls that burnout kicks in and important threats are missed.…

Topic updates

 Get email updates and stay ahead of the latest threats to the security landscape, thought leadership and research.
Subscribe today
© 2024 IBM Contact Privacy Terms of use Accessibility Cookie Preferences
Sponsored by si-icon-eightbarfeature