Every data breach costs Indian firms nearly Rs 12 crore: IBM study
Each data breach deals a blow of Rs 11.9 crore on average to the bottom lines of Indian enterprises, according to an IBM Security study which looked at the financial impact of such attacks.
This marks an increase of nearly 8% since IBM’s previous study on the subject in 2017.
The study, which IBM conducted jointly with the Ponemon Institute. surveyed 500 global companies. It analysed hundreds of cost factors surrounding a breach, from technical investigations and recovery, to notifications, legal and regulatory activities, and cost of lost business and reputation.
According to the report, the estimated per capita cost per lost or stolen record reported was Rs 4,552.
Malicious intent or criminal attacks dominated 42% of such breaches with enterprises taking an average of half a year to identify them. The study also showed that the mean time to contain such breaches increased to 78 days from last year's average of 72 days.
“The threat scenario shows a significant rise in both number and sophistication of breaches, which is alarming as it continues to rise in India,” said Vikas Arora, chief transformation officer of IBM India/South Asia. “Companies in India need to fortify their security strategy to leverage a secure cloud environment and build a strong AI strategy.”
Arora added that Indian firms also need to identify hidden liabilities such as damaged reputation, customer turnover and operational costs.
The study also looked at mega breaches - a breach where more than 1 million records are compromised - and said that these attacks cost companies between $40 million and $350 million respectively.
It further said that in the past five years, the amount of mega breaches has nearly doubled - from just nine in 2013 to 16 last year.
"For mega breaches, the biggest expense category was costs associated with lost business, which was estimated at nearly $118 million for breaches of 50 million records – almost a third of the total cost of a breach this size," the company said in a statement. “IBM analyzed the publicly reported costs of several high profile mega breaches, and found the reported numbers are often less than the average cost found in the study”
The study also compared the cost of data breaches in different industries and regions, finding that it is costliest in the US and the Middle East, and least financially damanging in Brazil and India.
While US companies have the highest average cost of a breach at $7.91 million, followed by the Middle East at $5.31 million, the lowest total cost of a breach was $1.24 million in Brazil followed by $1.77 million in India.
In a separate report, cybersecurity company SonicWall said that it had detected more than 5.99 billion total malware attacks in the first six months of 2018, an increase of 102% over the previous year. It further said that ransomware was back in a big way — 181.5 million attacks since January, a 229% year-to-date increase along with a 275% rise in encrypted threats compared to last year.