What the Growing Costs of a Data Breach Means for the Business

August 2, 2021 | 3 minute read

A recent global research report conducted by Cybereason, titled Ransomware: The True Cost to Business, revealed that the vast majority of organizations that have suffered a ransomware attack have experienced significant impact to the business, including loss of revenue, damage to the organization’s brand, unplanned workforce reductions, and little in the way of relief from cyber insurance policies.

An esteemed panel of subject matter experts will examine the research findings and discuss how organizations can better prepare to defend against and respond to a ransomware attack, and the full on-demand webinar can be found here.

Recently, IBM came out with its Cost of a Data Breach Report 2021. This publication synthesizes the Ponemon Institute’s research of 537 breaches that affected 17 different industries and that occurred across 17 countries and regions. It also draws on nearly 3,500 interviews to understand how much those breaches cost organizations and what decision makers are doing to better defend against security incidents going forward.

Newsflash: Data Breach Costs on the Rise

The main takeaway from IBM’s report is that data breaches are becoming more expensive. Indeed, the average total cost of a data breach increased from $3.86 million in 2020 to $4.24 million in 2021. That’s a growth rate of nearly 10% over the span of 12 months. Not only that, but it’s also the largest single-year cost increase in the past seven years.

When it came time to dissect those costs, IBM found that some damages stood out among the rest. It specifically observed that lost business costs, which include increased customer turnover and revenue lost to system downtime, represented the largest share of the overall average at $1.59 million (about 38%). That’s up from $1.52 million in the 2020 report.

An Uneven Data Breach Cost Landscape

Some factors caused organizations to experience even more costly events. Take the presence of remote work as an example. The average cost of data breaches where remote work was a factor was $1.07 million higher than the overall average. Part of that increase traces back to how it took organizations with at least half of their workforce working remotely an added 58 days to identify and contain a breach as compared to organizations with fewer remote workers.

Not only that, but some attackers were also costlier than other types of security incidents. Such was the case with ransomware. Indeed, the average cost of a ransomware infection in IBM’s report was $4.62 million—greater than the average cost of a data breach for the year. Those ransomware damages did not include instances where the affected organization paid the ransom. But they did take several other factors into account.

That’s where Cybereason’s recent global research report, titled Ransomware: The True Cost to Business, helps to shed some light. Consider the following statistics:

    • More than half (53%) of survey participants said that their organization’s brand took a hit following a ransomware attack.
    • Two-thirds of respondents said that their organization experienced significant revenue loss as a direct result of a ransomware infection. 
    • Not every organization we surveyed had a cyber insurance policy in place at the time that they suffered a ransomware attack. For those who did, nearly half (42%) said that their insurer covered just a part of their losses, leaving the organization to carry the rest.
    • A quarter of respondents told us that they were forced to temporarily close their organization after suffering a ransomware attack. A slightly larger proportion (29%) of survey participants ended up needing to eliminate jobs in the attack’s aftermath.
    • Of those organizations that decided to pay the ransom following a ransomware attack, nearly half (46%) of respondents indicated that at least some of their data was encrypted. Three percent of those who paid didn’t get any of their information back.

These findings highlight the need for organizations to defend themselves against ransomware attacks and other costly security incidents. One of the ways that they can do that is by working with a trusted vendor like Cybereason to streamline their detection and response capabilities

The Cybereason Advantage

Indeed, the Cybereason Defense Platform helps organizations to move beyond endless uncorrelated alerts to one where they’re leveraging fully contextualized and correlated attack stories with the Cybereason MalOp™. It does this by analyzing 100% of event data in real time, unlike other vendors who try to position the fact that they have to filter critical data as a benefit. 

We’re not sure filtering out critical telemetry and context helps organizations detect and respond to attacks earlier, but the Cybereason Defense Platform is at the forefront of data processing technology, collecting, processing, and analyzing all of your relevant data in real-time, and if you choose, can be made accessible to you for all time. Cybereason analyzes 9.8PB of threat intelligence weekly to reveal the full attack story from root cause across every affected endpoint and user.

Additionally, it delivers automated and guided one-click remediation so SOC analysts can instantly investigate and end a security incident—no matter where it is in their environment anywhere in the world.

Don’t wade through a sea of alerts to find the one that really matters. Cybereason pinpoints MalOps from root cause to every affected endpoint and user with real-time, multi-stage displays of the complete attack details, providing analysts the power to immediately understand, pinpoint, and end attacks with a single click. With Cybereason you don’t just stop the breach, you end it before it starts.

Learn more about how Cybereason’s Defense Platform can help to spare your organization the growing costs of a data breach.

Cybereason Security Team
About the Author

Cybereason Security Team

The Cybereason Security Team champions cyber defenders by providing future-ready attack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated detection and response (EDR and XDR), next-gen anti-virus (NGAV), and proactive threat hunting to deliver context-rich analysis of every element of a Malop (malicious operation). The result: defenders can end cyber attacks from endpoints to everywhere.

All Posts by Cybereason Security Team