Across industries and across the globe, the average cost of a data breach is now $4 million, up from $3.79 million in 2015, according to the "2016 Cost of a Data Breach Study: Global Analysis" from IBM and Ponemon Institute. The report also found healthcare breaches are among the most costly.
The report gathered information from 383 companies in different countries and industries. Here are six key findings from the report.
1. While the average global cost of a data breach was $158 per lost or stolen record, healthcare organizations reported the highest average cost per lost or stolen record at $355. Education followed with an average cost of $246.
2. Nearly half of breaches studied were caused by hackers and criminal insiders, and these were also the most costly type of breach. The average cost spent to resolve malicious or criminal attacks was $170 per record, while breaches stemming from system glitches cost about $138 per record. For the U.S. specifically, companies paid an average of $236 per record to address a malicious or criminal attack, the highest across countries.
3. Incident response teams were observed to reduce the cost of a data breach resolution by $16 per record. Employee training reduced the cost by $9, board-level involvement reduced the cost by $6 and insurance protection reduced the cost by $5.
4. Elements that increased the cost of data breach resolution include third-party involvement in the breach (increased by $14), rushing to notify ($6), lost or stolen devices ($5) and engaging consultants ($5).
5. What's behind the increasing costs of data breaches? According to the report, the average number of records stolen has increased 3.2 percent, and organizations have experienced greater losses in businesses than expected.
6. The U.S. and Germany have the highest average per capita cost of data breaches, at $221 and $213, respectively. Brazil and India had the lowest average per capita cost of data breaches, at $100 and $61, respectively.
More articles on data breaches:
Kern County Mental Health Department reports potential PHI breach
University of New Mexico Hospital breach stems from technical issue
3 ProMedica employees fired for insider breach of nearly 3,500 patients' data