• Home
  • /Learn
  • /Packetlabs State of Security Series: The True Cost of a Data Breach
background image


Packetlabs State of Security Series: The True Cost of a Data Breach


$3.86 Million USD if you’re lucky is what the global average cost of a data breach was in 2017 and early 2018, $4.74 million USD for Canadian organizations. Of the organizations that were affected by breach there is a high likelihood of 27.9% for a recurring breach within the next 2 years. A study between Ponemon Institute and IBM Security that was just released where professionals from organizations that experienced a breach were interviewed over past 12 months to assess and understand the true cost, trends and likelihood of a data breach. Year over year the average total cost of a breach (a minimum of 1,000 records) increased 6.4% to $3.86Mil, the average cost per record affected increased 4.8% and the number of records affected per breach increased 2.2%.

The cost of a breach for Canadian organizations is among the highest in the world

The global study revealed that Canada the highest direct cost per breach (e.g. hiring forensic and incidence response experts) and second highest overall cost per capita, and is in the top 10 for abnormal customer churn rates in the wake of a breach. The root causes of all breaches studied came down to 48% malicious attacks, 27% human error and 25% system glitch/bug. Canada has the second highest cost to resolve a breach from an intentionally malicious or criminal attack at $213 per record, the global average for all breaches is $148/record. By comparison the lowest costs were India and Brazil at just under $70/record. Canada also has the highest detection and escalation costs at $1.78 million USD per breach, Brazil was the lowest at $0.37 million.

Customer Trust, Timelines and Industry stats

The relationship between time to identify and contain a breach, cost and consumer trust are directly related. The higher the time to identify and contain the higher the cost, and the bigger the loss of business. It may be scary to read but the mean time to identify a breach was 197 days, which is just over half a year, and 69 days to contain the breach. That means the combined total to identify and contain a breach takes 9 months. An attacker could have breached an organization back in January and on average the affected organization would be finding out about it today, and the next 2 months would be spent coordinating efforts to contain the breach. When more than 1 million records are affected, dubbed a mega-breach, costs were $40 million or greater. The industries that most often experience breaches are: Financial Services, Services, Industrial Manufacturing, Technology, Retail and the Public Sector. The industries with the highest average cost per capita are Health, Financial, Services and Pharmaceuticals.

How to reduce costs? Factors Affecting the Cost of a Breach

Digging deep into each breach to determine what factors influence the costs pin-pointed twenty-two factors, some of which helped reduce the cost of a breach, while others increased the cost of a breach. Some notable cost saving influences include extensive use of encryption throughout the organization, employee training, threating sharing subscriptions,  board-level involvement, an appointed CISO and Data Loss Prevention (DLP) solutions. Each of the 12 cost saving influences independently could save between $1.8 million and $14 million during a breach. It can be a challenge to increase budget for security related operations and expense hiring and training staff or implementing new technologies however the cost of prevention pales in comparison to the expenses to contain a breach. Direct expenses for a breach include: forensic experts, incidence response, outsourcing hotline support, credit monitoring subscriptions for affected clients, discount on future products and services, and the loss of business and brand tarnishing. In-direct expenses include: in-house investigations (IT staff) and communications to coordinate with third-party contractors and clients.

In January Packetlabs wrote a case study surrounding a small business owner’s nightmare when their organization was hacked. Click here to read more.

Examining these trends portrays the importance to have security as an on-going challenge that is actively tackled by everyone in the organization from IT to management. Many organizations put all their effort into preventing vulnerabilities from existing in their public facing infrastructure, but the time to identify and contain a breach from this study highlight’s that there are significant gaps in the ability to identify when an attacker has breached a network and what they are doing. At Packetlabs, we believe that “an ounce of prevention is worth a pound of cure”. In additional to traditional penetration tests and audits we offer objective-based penetration testing that can assess and evaluate security through simulated cyber-attacks, including active breach scenarios.

You can explore the cost of a breach for your organization and to download the full report here:


Examining the cost of a data breach in 2018