Skip to content ↓ | Skip to navigation ↓

IBM’s Cost of a Data Breach Report 2021 analyzed 537 real breaches and conducted nearly 3,500 interviews to uncover the true cost of a data breach in 2020. The publication covers initial attack vectors, how long it took organizations to discover and contain braces, as well as the effects that incident response efforts and artificial intelligence have on mitigating breach costs.

Key Highlights

Now in its 17th year of producing this report, IBM continues to see growth in the number and cost of remediations and breach prevention year over year. Indeed, the average cost of a breach is now estimated at $4.62 million.

For the 11th consecutive year, healthcare was the industry with the highest cost of a breach at $9.23 million. This was followed by $5.72 million for the financial sector and $5.04 million for pharmaceuticals.

However, some factors helped to lower the cost of a data breach. Take automation as an example. Organizations with fully deployed artificial intelligence (AI) saw an 80% decrease in cost compared to those without automation. AI was also associated with a faster time to identify and contain a breach, thus lowering attackers’ average dwell time of 287 days.

“287 days is too long for any organization to identify and contain a breach,” explained Maurice Uenuma, VP of sales at Tripwire. “It’s also too costly. The sooner an unauthorized change can be reconciled against expected and approved changes, highlighting the breach-related change, the faster it can be isolated and contained.”

Remote Work and Data Breaches

The shift to remote work increased data breach costs for some organizations that were unprepared for this transition. Organizations in which remote work was a factor suffered costs $1.07 million higher than those in which remote work was not a factor.

Acknowledging this trend, Uenuma feels that organizations need to look to security approaches like zero trust that can take their evolving infrastructure into account:

“Higher costs of breaches in more distributed (read: remote work) environments, at $1.07M greater on average, combined with lower breach costs (ave. $1.76M) borne by organizations with mature Zero Trust Architectures, highlight the importance of continuous revalidation of trustworthiness of the people, devices, and services connecting into enterprise environments,” he explained. “For devices and services, this means the ability to continuously revalidate secure configurations, compliance with corporate standards, and detection of deviation from those secure states. That, in turn, is only possible with robust secure configuration management (SCM) and file integrity monitoring (FIM).”

As for the average time it took organizations to identify a breach and contain it, this number also increased with organizations’ focus on remote work. Organizations with more than 50% working remotely took an average of 316 days to identify and contain a breach as opposed to 258 days for organizations with less than 50% remote employees.

How Tripwire Can Help

This report is an important reminder to industry professionals and practitioners to understand emerging trends and gather best practices for data breach prevention. It also highlights the importance of organizations’ ongoing compliance efforts.

“With a $2.3M higher cost associated with high levels of compliance failures, it remains critical to ensure compliance across IT and OT systems enterprise-wide,” Uenuma noted. “In turn, this requires a robust compliance platform that can assess, report, and prompt remediation against multiple internal and external standards across multiple asset types—on-prem, in the cloud, and on the factory floor.”

To make data breach prevention as best as possible, organizations should consider Tripwire for automating any changes in your secure environment. Learn more about Tripwire here.