What’s the cost of a data breach in 2019?

As data breaches within corporations and government continue to rise, the cost of recovering from them is escalating at an exponential pace. Third-party breaches are likely to carry additional costs beyond the usual financial, regulatory, and reputational damage that an internally caused data breach can bring. These damages can combine to make third-party breaches far more expensive.

With the growth of outsourcing, companies and institutions have come to rely on their vendors' security systems and risk management, which is crucial, especially in highly regulated industries such as healthcare and financial services. Smaller third-party vendors are often overwhelmed by the strain and potential costs of having their customers hacked.

According to a recent study by the Ponemon Institute and IBM, the average cost of a data breach is USD 3.92 million, up 6.4% compared to the previous year. The United States had the highest cost at USD 8.19 million, and healthcare had the highest average industry cost at USD 6.45 million, likely due to the large amount of personal data it handles.

One way to avoid the potentially high costs of a vendor hack is not to use a third-party service in the first place. For many, however, that is unlikely to be a feasible solution. What a company can require is a reliable vendor risk management program, backed up by technology, policies, and procedures. Solid review and audit processes can catch vendor-related problems before they become data breaches.

05 December 2019