According to the 2016 Cost of Data Breach Study from the Ponemon Institute, the average total cost of a data breach for a U.S. company is now $7 million. There are a number of key takeaways from this report:
- The average cost of a data breach hasn’t fluctuated much in recent years. While this year’s average cost is nearly double the average cost in 2006, the average total cost of a data breach has averaged just below $6.5 million since 2008.
- Lost business costs companies more than costs directly related to the data breach itself. On average, stolen records cost a company $221 per record. Of that, $76 represents direct costs like technology or legal fees, while $145 is allocated to indirect costs, like abnormal turnover or churn of customers.
- Malicious attacks remain the most common cause of data breaches. Roughly half of all data breaches are the result of malicious attacks. As a result, these data breaches are more costly than those that are the result of other causes, like system glitches or human error.
- Data breach costs vary by industry. The health care sector’s per capita cost for each stolen record was $402, well above the $221 average. By contrast, the per capita costs for those in government or hospitality were $148 and $86, respectively.
- Costs can be either increased or reduced by taking certain measures. Having an incident response team can lower the per capita cost by almost $26 dollars. In contrast, third-party breaches increased the per capita cost by just over $20 dollars
Thanks for reading.
