The cost of data breach for companies has gone up from Rs 88 million to Rs 97.3 million in 2016 in India and if they do not opt for top-of-the-line protection now, the companies will bear significant losses in the near future, a new study has revealed.
Software giant IBM and US-based Ponemon Institute cunducted the study to quantify the losses suffered by enterprises and clients due to cyberattacks and hacks.
The findings showed cyber security incidents continue to grow in both volume and sophistication, with 64 per cent more security incidents reported in 2015 than in 2014.
The study that examined both direct and indirect costs to companies in dealing with a single data breach incident, found that companies lose up to Rs 3,704 per compromised record and breaches in financial institutions had a per capita cost of Rs 5,544.
“Third party involvement in the cause of the data breach increased the average cost to as much as Rs 4,622,” the study noted.
The incident response teams can expedite and streamline the process of responding to a breach.
“These teams address all aspects of the security operations and response lifecycle, from helping resolve the incident, to satisfying key industry concerns and regulatory mandates. Additionally, incident response technologies can automate this process to further speed efficiency and response time,” the report noted.
Larry Ponemon, Chairman and Founder of the Ponemon Institute, said that “data breaches are now a consistent ‘cost of doing business’ in the cybercrime era.”
“The evidence shows that this is a permanent cost organisations need to be prepared to deal with and incorporate in their data protection strategies,” Ponemon added.
The study also found the longer it takes to detect and contain a data breach, the more costly it becomes to resolve.
“While breaches that were identified in less than 100 days cost companies an average of Rs 89.4 million, breaches that were found after the 100 day mark the average cost rose significantly to Rs 105.6 million,” the report added.
“…while the risk is inevitable, having a coordinated and automated incident response plan, as well as access to the right resources and skills, can make or break how much a company is impacted by a security event,” Ted Julian, Vice President, Resilient an IBM Company, noted.