Here’s What the Average Data Breach Cost in 2016

moneyyWe are living in the age of the data breach. The number of data breaches in 2016 hit a record high of 1,093, with a total of 36,601,939 records compromised, according to a report from the ITRC.

The average total cost of those breaches? $7.01 million, according to new research from the Ponemon institute.

The independent security policy research firm recently released the findings on their 2016 Cost of Data Breach Study: United States. The study, sponsored by IBM, polled 64 companies across 16 industry sectors in the US. The criteria for inclusion was that each organization had to of experienced a data breach of some kind during the last year, ranging from 5,125 to 101,520 records. The average number of breached records was 29,611.

According to the report, the average cost for each individual lost or stolen record containing “sensitive and confidential information” increased from $217 in 2015 to $221, while the total average cost that organizations paid increased from $6.53 million to $7.01 million.

Cost of Lost Business

The majority of costs incurred by data breaches is in lost business due to a loss in consumer trust, says the report. In the past year, abnormal churn of existing customers caused by data breaches increased by 3 percent.

The more churn, the higher the per capita cost of data breach, says the report. Companies that experience low churn (<1 percent) lost an average of $5.4 million per breach, while those with churn greater than 4 percent faced a staggering average cost of $12.1 million.

Ponemon identified several industries that are most vulnerable to churn, including financial services, health, technology, life science, and service organizations.Public sector and media organizations tend to experience a lower rate of churn, according to the report.

Malicious Attacks are Primary Cause 

Malicious hacks and cyberattacks continued to be the leading cause of data breaches in 2016, according to the report. 50 percent of incidents reported involved a malicious or criminal attack, compared to 23 percent caused by negligent employees, and 27 percent involving “system glitches.”

Malicious attacks were also the most costly, says Ponemon. Companies that had a data breach due to malicious or criminal attacks had a per capita data breach cost of $236, much higher than the average $221.

For more information on the Ponemon Institutes findings, check out the report in full here.


Widget not in any sidebars

Follow Jeff

Jeff Edwards

Jeff Edwards is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large.He holds a Bachelor of Arts Degree in Journalism from the University of Massachusetts Amherst, and previously worked as a reporter covering Boston City Hall.
Jeff Edwards
Follow Jeff

Leave a Reply

Your email address will not be published. Required fields are marked *