The True Cost of a Data Breach in 2019

October is Cyber Security Awareness Month! Follow along on our blog and social media channels to get on-the-pulse cyber security news and strategy recommendations from our team.

In 2019, Canadian businesses have taken strides towards improving cyber security practices in the wake of high-profile hacks and breaches which shook major players such as Facebook and Desjardins. Progress was made, with many businesses now using basic security tools such as multi-factor authentication. However, the landscape of cyber security is constantly evolving and requires businesses to be on the lookout for new tools to implement on a consistent basis. Although mainstream security tools are helpful, they become obsolete if we aren’t constantly innovating and looking for the next safest thing.

The fact is, an unsecured IT environment will inevitably cost your business more dollars than an innovative cyber security strategy will. Below, we’ve outlined the true cost of a data breach in 2019, including which factors should be considered in order to decrease risk.

How much money will my business lose from a data breach?  

According to IBM’s coveted Cost of a Data Breach Report for 2019, the average global breach cost $3.9 million USD. That’s up $40,000 from last year’s report.

The stakes are even higher for Canadian businesses, who report an average of $4.4 million USD in costs related to identifying and containing a breach. This typically happens within a timespan of 241 days, and costs $187 USD per lost record.

What factors increase or decrease the total cost of a data breach?

There isn’t one deciding factor in what makes your business susceptible to cyber crime. Check out the table below to find out which factors (in order), are most likely to decrease your risk of a data breach or, on the other hand, amplify your risk.  

Decreases Risk (Cost Mitigators)

  1. Formation of an Incident Response (IR) team
  2. Extensive use of encryption
  3. Extensive tests of the IR plan
  4. Business continuity management
  5. Use of a DevSecOps approach
  6. Employee training
  7. Participation in threat sharing
  8. Use of an artificial intelligence platform
  9. Use of security analytics
  10. Board-level involvement in security
  11. Extensive use of data loss prevention (DLP)
  12. Chief Information Security Officer (CISO) appointed
  13. Insurance protection
  14. Data classification schema
  15. Chief Procurement Officer (CPO) appointed
  16. Consultants engaged

Source: IBM Report

Increases Risk (Cost Amplifiers)

  1. Consultants engaged
  2. Rush to notify
  3. Extensive use of IoT devices
  4. Extensive use of mobile platforms
  5. Operational Technology (OT) infrastructure
  6. System complexity
  7. Insecure and extensive cloud migration
  8. Compliance failures
  9. Third-party breach

Source: IBM Report

Feeling like your business could be at risk?

We’re here to help. Talk to one of our experts today.

Useful Resources:

IBM 2019 Cost of a Data Breach Report and Calculator

Digital Guardian Report

Leave a Comment

Your email address will not be published. Required fields are marked *