The average cost of a data breach for an Indian company reached Rs 14 crore in 2020, an increase of 9.4 per cent from last year, which translates into Rs 5,522 for a single lost or stolen record (an increase of 10 per cent from 2019), a new IBM study revealed on Wednesday.
The average time to contain a data breach increased from 77 to 83 days as 53 per cent of data breaches in India were caused by malicious attacks.
The average time to identify a data breach also increased from 221 to 230 days. Top three root causes of data breach were 53 per cent malicious attack, 26 per cent system glitch and 21 per cent human error in the country.
“India is witnessing a change in the nature of cyber crimes, it is now extremely organized and collaborative with rising incidents of phishing attacks, social engineering attacks, etc,” said Prashant Bhatkal, Security Software Leader, IBM India/South Asia.
“Those with fully deployed security automation were able to detect and contain a breach more than 27 per cent faster than those with none,” he added.
Commissioned by IBM Security and conducted by the Ponemon Institute, the ï¿½2020 Cost of a Data Breach Report’ is based on in-depth interviews with more than 3,200 security professionals in organisations that suffered a data breach globally.
Companies who had fully deployed security automation technologies (which leverage AI, analytics and automated orchestration to identify and respond to security events) experienced less than half the data breach costs compared to those who didn’t have these tools deployed.
Globally, such incidents cost companies $3.86 million (nearly Rs 29 crore) per breach on average, and compromised employee accounts were the most expensive root cause.
The US continued to experience the highest data breach costs in the world, at $8.64 million (over Rs 64 crore) on average.
In incidents where attackers accessed corporate networks through the use of stolen or compromised credentials, businesses saw nearly $1 million higher data breach costs compared to the global average ï¿½ reaching $4.77 million (about 35.6 crore) per data breach.
Breaches wherein over 50 million records were compromised saw costs jump to $392 million from $388 million the previous year. Breaches where 40 to 50 million records were exposed cost companies $364 million on average, a cost increase of $19 million compared to the 2019 report.
Data breaches believed to originate from nation state attacks were the costliest.
State-sponsored attacks averaged $4.43 million in data breach costs, surpassing both financially motivated cybercriminals and hacktivists.
This year, the attackers used cloud misconfigurations to breach networks nearly 20 per cent of the time, increasing breach costs by more than half a million dollars to $4.41 million on average ï¿½ making it the third most expensive initial infection vector examined in the report.
The report revealed a cost-saving difference of $3.58 million for companies with fully deployed security automation versus those that have yet to deploy this type of technology.
The cost gap has grown by $2 million, from a difference of $1.55 million in 2018.