Audit Analytics recently released the “Trend in Cybersecurity Breach Disclosures” report. This report reviews over six hundred cybersecurity breaches at public companies dating back to 2011. Within this data, Audit Analytics discovered the average cyber breach costs $116 million. This represents a significant jump in costs than in other reports.
Audit Analytics operates as a corporate data-gathering company serving corporate decision-makers. It specializes in providing informative content for accounting, financial, and academic professionals. Moreover, it collects auditing, regulatory, and disclosure intelligence.
In addition, the report found cybercriminals usually target customer names, addresses, and email addresses; hackers could use this information to conduct credential-based attacks or to conduct spearphishing attacks. Malware was the most commonly reported method for maliciously obtaining data (followed by phishing, unauthorized access, and misconfiguration). However, the majority of attacks remain undisclosed, as 43 percent of businesses keep the type of attack to themselves.
Audit Analytics found that penalties for allowing the attacks, remediation costs, and lower stock market values comprise the most significant costs of a breach. The primary factors for determining the total cost of a breach include the stolen information and the length of time to disclose and remediate the breach. The average time to discover a breach totals about 108 days for businesses, with another average of 49 more days to actually report the breach. Yet, the longer the time to report the breach to the authorities, the higher the ultimate costs.
Worse, while the majority of enterprises suffered only one cyber breach, around 27 percent of businesses experienced more than one. The services industry suffered the most costly attacks, although researchers note the Equifax breach skews the average significantly.
Learn more about Audit Analytics here.
Latest posts by Ben Canner (see all)
- How Endpoint Protection Platforms Protect Against Ransomware - December 4, 2020
- Predictions: The Top Endpoint Security Threats of 2021 (And How to Prevent Them) - December 1, 2020
- New Endpoint Security for New Remote Work Paradigm - November 25, 2020