State or Cybercriminals? IBM Data Breach Report 2020

Follow on Google News

The 2020 Cost of a Data Breach Report sponsored by IBM Security and conducted by the Ponemon Institute analyzes interviews of 3,200 security professionals from 500 organizations worldwide that suffered a data breach during the August 2019- April 2020 fiscal year.

The data breach level cannot be wholly estimated without factoring in a legal, regulatory, and negative impact on brand equity, customers, and employee productivity.

Top 8 Findings of IBM Data Breach Report 2020

Deploying Industry 4.0 Technologies

According to the 2020 Cost of a Data Breach Report, organizations that focused on deploying Industry 4.0 technologies such as Artificial Intelligence, Analytics, and process-wide standard security automation, could effectively curb data breach costs to 2.45 million to companies that didn’t baby cried $6.03 million on average.

Compromised Corporate Credentials

Data breach cost $4.77 million per data breach when attackers accessed corporate networks through stolen or compromised credentials. Attackers who exploited third-party vulnerabilities cost $4.5 million for the 500 global organizations surveyed in this research outreach. 

Morbid Loss for Mega Breaches

In the preceding fiscal, the cost of a data breach of over 50 million records was $388 million, which increased to $392 million. In the event of 40 to 50 million records exposed, the group report states a loss of $364 million on average, which is an increase of $19 million compared to the 2019 report.

State Attacks Worse than Cybercriminals

When analysts tried to figure out the most damaging data breaches, they found that nation-state attacks cost $4.43 million in data breach compared to elsewhere’ threats. It means that State-sponsored attacks surpass the average data breach cost expeditioned by cybercriminals and hacktivists. 

Half-Empowered CISOs Charged for Cost

According to the report, 46% of the US-based data breach survey respondents, Chief Information Security Officers (CISOs), are blamed for the security breach. Another 27% of the respondents justify the blame on CISO/CSO as they are the security policy and technology decision-makers. The mansplainers don’t agree a typical CISO saves up to $145,000 versus the average cost of a breach.

Work-from-Home (WFH) the New Vulnerability

During the pandemic or even far into the future, when the current adjustment to WFH will be business as usual, a lack of a controlled data security environment will reason a 70% hike in data breach costs over and above the estimated 2020 Cost of a Data Breach Report. 

Cyber Insurance Settlers Cost Half the Damage

While the report underlines the value of organizations with cyber insurance costing $200,000 less to the global avg $3.86 million, it brings to attention how the insured organizations pay 51% of the recovery amount to third-party consultants in fees and legal services. So, 36% of organizations use claim amounts for victim restitution costs, and only 10% of the claims cover the cost of ransomware or extortion.

Scandinavia Surpasses the US in Data Breach Cost

The US is not the lone victim to the extortionate cost of the data breach. Scandinavian countries seem to be ahead in this crisis year-on-year, observing a nearly 13% rise from FY19. The Scandinavian healthcare industry continues to incur the highest average at $7.13 million, clocking in a 10% increase to FY19.

You can download the 2020 Cost of a Data Breach Report here

Dear Reader, 

First, thank you for your precious time reading the stories (without paywalls) I publish on Startups to Enterprises covering the EUChinathe US, and India. Second, I request you to contribute financially (any amount) to help me sustain this as an independent digital business news media. 

If I receive a request for a sponsored post, I ensure I see merit that is meaningful for erudite and informed readers like you. In the bargain, I lose out on sponsorships wherein I need funds to sustain this effort. Your contribution helps me stay afloat.

Please note that your contribution is treated as revenue generated and not a donation; hence, there are no 80G or other donation certificates. In fact, as I am eligible to pay for the revenue generated, I will pay taxes on the same.

You deserve to know that I abide by journalistic ethics and practices to ensure I tell the stories as is, unbiased. You can follow us on FacebookLinkedin, and Twitter, bookmark us on Google News, and finallyPayPal us here.

Founding Editor

Linda Ashok  
Skip to content