The average cost of a data breach for the Indian companies has grown from Rs. 97.3 million in 2016 to Rs. 110 million in 2017 in India, resulting in growth of 12.3% says a study by IBM and Ponemon Institute.
IBM and Ponemon Institute examined Indian companies across 13 industry sectors who experienced the loss or theft of protected personal data and the notification of breach victims as per law. The per capita cost of data breach increased significantly from Rs. 3,704 in 2016 to Rs. 4,210 per compromised record. Data breaches caused by malicious or criminal attacks cost companies Rs. 5,100 per compromised record. System glitches and negligence (i.e. human error) cost Rs. 3,545 and Rs. 3,651 per record, respectively.
The number of breached records per incident for Indian organizations surveyed in this year’s report ranged from 4,000 to 98,000 compromised records. The average number of breached records was 33,167 as per the study.
In this year’s study, financial, technology and services industries experienced a relatively high abnormal churn. In contrast, public sector (government) and retail companies experienced a relatively low abnormal churn.
The average detection and escalation costs increased from Rs. 32.4 million in 2016 to Rs. 36.7 million in 2017. It took companies an average of 170 days to detect that an incident occurred and an average of 72 days to contain it.
If the mean time to identify (MTTI) was less than 100 days, the average cost to identify was Rs. 85.3 million. However, if the time to identify was greater than 100 days the cost rose significantly to Rs. 134.6 million . If the mean time to contain (MTTC) the breach was less than 30 days, the average cost was Rs. 96.3 million. If it took 30 days or longer, the cost rose significantly increased to Rs. 123.6 million.
“The Cost of Data Breach study clearly outlines the rapidly changing threat scenario through a significant rise in both number and sophistication of breaches. With cloud services being the key for digital enterprise transformation, securing data on cloud is of top priority. Cloud Security and cognitive driven security services are going to be defining trends in the next years,” said Kartik Shahani, Integrated Security Leader, India/South Asia at IBM.