IBM recently announced the results of a sponsored study that analyzed the impact of Business Continuity Management (BCM) and Disaster Recovery (DR) on the cost of a data breach. The study, conducted by the Ponemon Institute, surveyed 1,900 participants from 419 companies across 16 countries.
The study found that companies using DR and BCM saw a reduction in the total amount of time spent identifying and containing data breaches by 78 days, according to a recent release from the tech giant. The decrease in time resulted in average savings throughout that response time of $394,922. Organizations without BCM tools paid about $3.94 million on average for a data breach, according to the report. However, those that did implement BCM paid significantly less: around $3.35 million.
Of the 419 businesses that participated in the survey, 226 companies self-reported that they deployed a BCM tool to help after a breach. And 95 percent of the 226 said that having a platform in place was either very significant (65 percent) or significant (30 percent) when it came to recovering.
“Executing business continuity management strategies to respond to data breach incidents is increasingly a top business priority for companies worldwide,” General Manager of IBM Global Resiliency Services Laurence Guihard-Joly said in a release. “Automating and orchestrating these disaster recovery and business continuity plans will help to not just protect sensitive data, but also ultimately boost productivity, strengthen competitiveness in the marketplace, and deliver greater return on investment in the long term.”
The study also found that cloud-based resiliency orchestration and disaster recovery automation were “driving efforts to transform business continuity programs in the age of automation and cognitive computing.” According to the report, organizations that use a BCM program with disaster recovery automation and orchestration experienced a 39.5 percent reduction in average cost per day of a data breach in comparison to those without BCM or DR. Those with the correct platforms in place saw a net difference of about $1,655 per day, the report found.
Resiliency orchestration is a cloud-based approach that features disaster recovery automation and several continuity management tools for hybrid-IT environments. These types of tools can reduce the amount of time an IT department spends analyzing critical apps and issues.
“Business continuity management continues to play an important role in determining the impact of data breaches that put organizations at risk worldwide,” Dr. Larry Ponemon said in a release. “As companies create, develop, and execute their business resiliency strategies going forward, they must consider all possible options to mitigate the effects of a data breach and keep IT infrastructures secure and available for themselves and their clients.”
IBM provided the following additional key findings from the report:
- 95 percent of companies surveyed indicated that uniting their BCM and IT security functions (BCM/cybersecurity cooperation, crisis management expertise across departments, joint cyber-simulation testing) had a significant impact on mitigating the effects of a data breach.
- The average cost per lost or stolen record can be as high as $152. With BCM involvement the average cost can be as low as $130.
- 76 percent of companies surveyed without BCM involvement had a material disruption to business operations. This decreases to 55 percent for companies involving BCM in advance of the data breach.
- 52 percent of companies surveyed with BCM involvement said their reputation or brand had been negatively impacted because of a data breach. However, 62 percent of companies without BCM involvement said their organization’s brand and reputation was negatively affected.