September 20, 2019
Corporate Compliance Insights
In an article published in Corporate Compliance Insights on Sept. 20, Nashville attorneys Kelly Frey and Joseph Damon discuss the Ponemon Institute’s Data Breach Study for IBM, which continues to track the escalating year-over-year costs of data breaches. “According to the study, the average total cost of a data breach increased from $3.86 million to $3.92 million, and the average cost for each lost record increased from $148 to $150,” they share. “And while the rate of increase this year is less than prior years, the total costs of data breaches across industries continues to climb.”
The attorneys discuss a few particularly alarming trends outlined in the study, including the length of time to identify and contain a breach. “The average time to identify a breach in 2019 was 209 days, and the average time to contain a breach was 73 days, for a total of 279 days – almost a 5 percent increase over the 2018 life cycle of 266 days,” they state. “This life cycle to containment is critical with respect to costs, as breaches with life cycles of less than 200 days typically create costs one-third lower than breaches with life cycles over 200 days.”
While companies that have not experienced a data breach may feel they do not need to adjust cybersecurity practices or spending, Frey and Damon caution that “smugness” is not appropriate, given increasing probability of experiencing a breach. They stress, “You may already have a multimillion-dollar data breach liability – you just don’t know about it yet.”
These materials have been prepared for informational purposes only and are not legal advice. This information is not intended to create, and receipt of it does not constitute, an attorney-client relationship. Internet subscribers and online readers should not act upon this information without seeking professional counsel.