Friday 24 November 2017
 
»
 
»
SPECIAL REPORT

Malicious or criminal attacks are the most frequent
cause of data breach in the Middle East

Data breach costs rising in Middle East: IBM study

DUBAI, July 16, 2017

The average cost of a data breach in Saudi Arabia and the UAE combined is $4.94 million, a 6.9 per cent increase since last year, according to a 2017 study commissioned by IBM Security.

The Middle East study conducted by Ponemon Institute, found that these data breaches cost companies $154.7 per lost or stolen record on average.

When compared to other markets, organizations in Saudi Arabia and the UAE saw the second highest average cost of a data breach at $4.94 million, have the highest direct per capita cost ($81) and are amongst the top markets that spend the most ($1.43 million) on post data breach response.

The 2017 Cost of Data Breach report also revealed that malicious or criminal attacks are the most frequent cause of data breach in Saudi Arabia and the UAE. Fifty-nine per cent of incidents involved data theft or criminal misuse. These types of incidents cost companies $171.7 per compromised record, compared to $130.7 and $128.5 per compromised record as a result of a breach caused by system glitch or employee negligence, respectively.

Top factors that contributed to the increase of cost of a data breach in Saudi Arabia and the UAE include compliance failures and the extensive use of mobile platforms. Companies reported that compliance failures and the extensive use of mobile platforms increased the cost of each compromised record by $10.4 and $12.8, respectively.

"Data protection continues to be a challenge as businesses hold more and more sensitive information, pushing cyber security higher up the agenda," explained Saeed Agha, Security Business Unit leader, IBM Gulf & Levant

“According to the study, malicious or cyber attacks are a major cause of data breach in Saudi Arabia and the UAE. Such attacks are financially damaging and present great threat to the reputation of organizations. It is important to start looking at security hygiene measures as an opportunity to avoid falling victim to the next big security threat rather than a nuisance.”

Time is money: Containing data breaches

The study found that having an Incident Response (IR) Team in place significantly reduced the cost of a data breach, saving more than $19 per lost or stolen record globally. The speed at which a breach can be identified and contained is in large part due to the use of an IR team and having a formal Incident Response plan. IR teams can assist organizations to navigate the complicated aspects of containing a data breach to mitigate further losses.

According to the study, how quickly an organization can contain data breach incidents has a direct impact on financial consequences. Globally, the cost of a data breach was nearly $1 million lower on average for organizations that were able to contain a data breach in less than thirty days compared to those that took longer than 30 days.

With such significant cost savings in mind, the study revealed that there is room for improvement with organizations when it comes to the time to identify and respond to a breach. On average, organizations in Saudi Arabia and the UAE took 245 days to identify a breach, and 80 additional days to contain a breach once discovered.

Additional key findings

•    By Industry, Services, Financial Services and Technology Breaches Most Costly: In Saudi Arabia and the UAE, services, financial services and technology have topped the list as the most expensive industry for data breaches, costing organizations $221.3, $201.1 and $184.5 per record, respectively.

•    Top Factors Reducing Cost of a Breach: In Saudi Arabia and the UAE, Certified Protection Officer (CPO) appointment and the use of security analytics were the factors shown to have the most impact on reducing the cost of a data breach. The appointment of a CPO and the use of security analytics resulted in $2.4 and $8.3 reduction in cost per lost or stolen record, respectively.  


Uncovering the cost of a data breach

The annual Cost of Data Breach study examines both direct and indirect costs to companies in dealing with a single data breach incident. Through in-depth interviews with more than 410 companies in 13 countries or regions, the study factors in costs associated with breach response activities, as well as reputational damage and the cost of lost business.

“Data breaches and the implications associated continue to be an unfortunate reality for today’s businesses,” said Dr Larry Ponemon.

“Year-over-year we see the tremendous cost burden that organizations face following a data breach. Details from the report illustrate factors that impact the cost of a data breach, and as part of an organization’s overall security strategy, they should consider these factors as they determine overall security strategy and ongoing investments in technology and services,” he added. – TradeArabia News Service




Tags:

More Analysis, Interviews, Opinions Stories

calendarCalendar of Events

Ads