BHUBANESWAR: The average cost of a data breach in India went up to Rs 11.9 crore in 2017 – a nearly eight per cent increase from 2017, an IBM study revealed on Wednesday.
According to the 2018 edition of the “Cost of a Data Breach” study conducted by US-based Ponemon Institute on behalf of IBM Security, malicious or criminal attacks were the root cause of 42 per cent of data breaches, followed by system glitch at 30 per cent and human error at 28 per cent.
The estimated per capita cost per lost or stolen records reported last year was Rs 4,552 – a 7.8 per cent increase from the previous report. The study also points out that the financial sector reported the highest per capita cost at Rs 6,210 whereas the least average cost was reported by public sector at Rs 1,813.
The amount of mega breaches (of more than 1 million records) has nearly doubled in the past five years—from just nine mega breaches in 2013 to 16 mega breaches in 2017. For mega breaches, the biggest expense category was costs associated with lost business, which were estimated at nearly $118 million for breaches of 50 million records, almost a third of the total cost of a breach this size.
“The threat scenario shows a significant rise in both number and sophistication of breaches in this year’s report, which is alarming as it continues to rise in India,” Vikas Arora, chief transformation officer, IBM India/South Asia, said in a statement. According to Arora, companies need to identify the many hidden expenses which must be considered, such as reputational damage, customer turnover, and operational costs. “Knowing where the costs lie, and how to reduce them, can help companies invest their resources more strategically and lower the huge financial risks at stake,” he added
Overall, the study found that hidden costs in data breaches – such as lost business, negative impact on reputation and employee time spent on recovery – are difficult and expensive to manage. Globally, the average cost of a data breach is up 6.4 per cent over the previous year to $3.86 million, the findings showed.
The study also calculated the costs associated mega breaches ranging from one million to 50 million records lost, projecting that these breaches cost companies between $40 million and $350 million, respectively.
The findings showed that data breaches are most costly in the US ($7.91 million) and the Middle East ($5.31 million), and least costly in Brazil ($1.24 million) and India ($1.77 million).