Compromised employee accounts leading to most expensive data breaches: IBM Security
Jul 29, 2020
New Delhi [India], July 29 : IBM Security on Wednesday announced the results of a global study examining the financial impact of data breaches, showing that these incidents cost companies 3.86 million dollars per breach on average and that compromised employee accounts were the most expensive root cause.
Based on an in-depth analysis of data breaches experienced by over 500 organisations worldwide, 80 per cent of these incidents resulted in the exposure of customers' personally identifiable information (PII). Out of all types of data exposed in these breaches, customer PII was also the costliest to businesses.
As companies are increasingly accessing sensitive data via new remote work and cloud-based business operations, the report sheds light on financial losses that organisations can suffer if this data is compromised.
A separate IBM study found that over half of employees new to working from home due to the pandemic have not been provided with new guidelines on how to handle customer PII despite the changing risk models associated with this shift.
Sponsored by IBM Security and conducted by the Ponemon Institute, the 2020 Cost of a Data Breach Report is based on in-depth interviews with more than 3,200 security professional in organisations that suffered a data breach over the past year.
"India is witnessing a change in the nature of cyber-crimes. It is now extremely organised and collaborative with rising incidents of phishing attacks and social engineering attacks," said Prashant Bhatkal, Security Software Leader at IBM India and South Asia.
"While companies are being aware of the importance of cybersecurity solutions, we witnessed a 9.4 per cent rise from last year in the total cost of a data breach. Further, those with fully deployed security automation were able to detect and contains a breach more than 27 per cent faster than those with none."
As organisations look to expand their digital footprint, technologies like automation, artificial intelligence and cloud can help address skills gaps, support the security team to focus on larger issues, said Bhatkal. "These technologies can enable a faster breach response and be more cost-efficient in the long run."
The annual cost of a Data Breach Report is based on in-depth analysis of real-world data breaches taking place between August 2019 and April 2020, taking into account hundreds of cost factors including legal, regulatory and technical activities to loss of brand equity, customers and employee productivity.