The Most Significant Findings From IBM's Data Breach Report 2021

IBM recently released its Data Breach Report 2021, which included some concerning findings

The Most Significant Findings From IBM's Data Breach Report 2021
The Most Significant Findings From IBM's Data Breach Report 2021 | Image Credits: Kiplinger

IBM Security has published its report dubbed "Cost of a Data Breach". The report is a set of incidents in 17 nations and provides a repeatable benchmark that is applicable to the cybersecurity industry. The purpose of the study is to offer companies a current assessment of their sensitive data management and to assist in the financial assessment.

The paper analyzes whether there is a clear pattern in the price of data breaches. Most of the immense expenses are from lost commercial activity. As you might expect, healthcare, which has the greatest number of occurrences, also has the most expensive incidents per individual. However, there is some encouraging news: energy sector indicators have improved, according to Ikarus Security.

The average total cost of a data breach increased to a record high

The data breach cost figures for 2021 are extremely clear: the average total cost of a data breach rose to its greatest level in the history of the IBM report, while the cost per compromised record also reached a new high. Also, the 10% average annual increase in damages was highlighted.

Cyber security incident cost reductions come from automation

Businesses using security automation could slash their costs by up to 80% if a data breach or security issue occurs. Those that had not installed up-to-date data security systems needed to spend an average of $6.7 million to recover from a data breach, whereas companies that used such technology had to invest $2.9 million. 

The duration of the incident has an impact on the amount of the damage

It is necessary to analyze the complete breach cycle, which includes the period of time between the discovery of a data breach and the mitigation of the breach. For security incidents that have occurred to date, the average time required to detect and resolve them is 206 days, followed by 73 days. This adds up to 279 days overall. In 2021, a breach is discovered on average after 212 days, and it takes another 75 days to control it, for a total of 287 days from the time it is discovered.

It is more expensive to deal with ransomware than to be hit with a pure data breach

The average cost of a data breach grew from $3.86 million to $4.24 million between 2020 and 2021. Cyber-criminals are demanding bigger ransom fees than hackers used to ($4.62 million on average). The most significant factor in security incident costs was determined to be time. As time passes without a security breach being discovered, more sensitive data becomes vulnerable to being stolen by thieves. When systems break down and customers leave, the impact on the company's finances is even worse.

The most frequently used attack vector is the use of stolen or compromised credentials

Data breaches caused by compromised corporate emails accounted for 20% of all data breaches. The information about phishing, cloud misconfigurations, and third-party software vulnerabilities is maintained on file for future reference.