How Much Will a Data Breach Cost You? IBM & Ponemon Report

03/08/2020 09:34:42

The dangers of a network security breach are scaring IT professionals the world over with unsettling facts and figures, and devastating impact at every turn - but how much does a data breach really cost? The cost of a data breach depends significantly on many factors including the size and CAPEX of the business, the type or source of the attack, the speed of security and remediation methods and even the geographic location of the victim.

IBM in conjunction with the Ponemon Institute have taken on just this question in their newest study released on July 29th, "Cost of a Data Breach Report 2020". Ponemon gathered data from 524 executives whose organizations had personally experienced a significant data breach between August 2019 and August 2020, with respondents distributed across 17 geographies and 17 industries.

Highlights of the report note that the average cost of a data breach is around 3.86 million USD, with the Healthcare industry making up the bulk of overall cost with a staggering 7.13 million USD in payments. How have payments skyrocketed this high? Ponemon Institute found that the average time taken to identify and contain a breach is 280 days - implying that most affected organizations lack a dedicated network security team, comprehensive and far-reaching firewalls and endpoint solutions and incident response (IR) services - allowing the malicious software to run continuously in the background with little opposition for the better part of a year before discovery.

Dark Reading notes that the global average costs have decreased since the 2019 Ponemon/IBM report, from $3.92 million to $3.86 million, due to the maturation of network security practices of the designated companies.

Dark Reading author Jai Vijayan attributes overly complex security systems and cloud migration with the boost in cost per breach, and notes that those organizations with IR services regularly pay an aver of $295,000 less than the global average when breached. "The main takeaway I see is this growing cost divide", Charles DeBeck, strategic cyber threat analyst for IBM’s X-Force IRIS team says. "Businesses that are investing in advanced technologies and practicing preparedness of their incident response experience significantly lower costs, while those that didn't prepare see their costs rising year over year".

Debeck goes on to discuss how "The biggest thing we see impacting breach costs is an organization's ability to respond quickly to an attack, and a lot of this comes down to planning and preparation".

Implementing security services like Sangfor’s TIARA & Sangfor Incident Response (IR) provides the proactive protection necessary to secure your network before attacks and recover after an attack with the lowest cost and impact possible.

Sangfor TIARA is a turnkey service to help customers quickly gain a broad spectrum understanding of their current network threat posture:
·TIARA Assessment: preliminary lightweight security posture assessment service, designed to help customers determine the current threat posture of their entire network in a short period of time.
·TIARA Recommendations: improvement plans and remediation assistance to take the overall security posture to the next level.

Sangfor Incident Response (IR) provides enterprise many vital features with its scope of services including but not limited to:
· External Attack Surface Assessment
· External Firewall Ruleset & Configuration Review
· Malware Family & Type Identification
· Initial Attack Vector Identification
· Kill Chain / Chain of Infection Determination
· Indicator of Compromise (IOC) Determination
· Malware In-Depth Analysis
· Malware Eradication
· Remediation
· Internal Network Threat Analysis & Assessment

Why Sangfor?
Plan and be prepared to minimize the risk and impact of a data breach. Protect your businesses reputation, ensure business continuity and, of course, save money by being prepared, with Sangfor Security services.

Sangfor Technologies
is an APAC-based, global leading vendor of IT infrastructure solutions specializing in Network Security and Cloud Computing. Visit us at to learn more about Sangfor’s Security solutions, and let Sangfor make your IT simpler, more secure and valuable.

Our Social Networks

Global Service Center: