While the average cost of a data breach in 2017 saw a 10 percent decline globally when compared to 2016, for the Indian enterprises, it grew 12.3 percent from Rs 97.3 million in 2016 to Rs 110 million in 2017, a new study said. According to the IBM study conducted by Ponemon Institute, the European countries saw a 26 percent decrease from 2016 whereas the US registered a five percent increase in the same time. Also Read - Ola to offer free oxygen concentrators to the needyAlso Read - Almost 60 percent of internet users in India fell prey to hacking in the last 1 year: Report
The Cost of Data Breach study outlines the rapidly changing threat scenario through a significant rise in both number and sophistication of breaches, said Kartik Shahani, Integrated Security Leader, India/South Asia at IBM, in a statement. With cloud services being the key for digital enterprise transformation, securing data on the cloud is of top priority. Cloud Security and cognitive-driven security services are going to be defining trends in the next years, he added.
IBM and Ponemon Institute examined Indian companies across 13 industry sectors which experienced the loss or theft of protected personal data and the notification of breach victims as per law. The per capita cost of the data breach increased significantly from Rs 3,704 in 2016 to Rs 4,210 per compromised record. The number of breached records per incident for Indian organisations surveyed in this year s report ranged from 4,000 to 98,000 compromised records. The average number of breached records was 33,167 as per the study, the findings showed. Malicious or criminal attacks were the cause of data breach for 41 percent of companies surveyed. Nearly 33 percent experienced a data breach as a result of system glitches and 26 percent breaches involved an employee or contractor negligence. ALSO READ: Unpatched software, human factor behind data breaches: F-Secure
Enterprises need to ensure that robust security practices are adopted, incident response plans are in place and regular security training given to all stakeholders of the company, Sahani advised. The study also found that data breaches caused by malicious or criminal attacks cost companies Rs 5,100 per compromised record. ALSO READ: India ranks 5th globally in data breaches: Symantec
System glitches and negligence (i.e. human error) cost Rs 3,545 and Rs 3,651 per record, respectively. The detection and escalation cost increased from Rs 32.4 million in 2016 to Rs 36.7 million in 2017. It took companies an average of 170 days to detect that an incident occurred and an average of 72 days to contain it. If the mean time to identify (MTTI) was less than 100 days, the average cost to identify was Rs 85.3 million, the study said.