The average cost of a data breach in the UK rose by 8% over the past year to reach nearly £2.7m, according to the latest IBM report.
The 2018 Cost of a Data Breach Study put the UK sum slightly lower than the global average of $3.9m (£3m) — in fact, US companies experienced the highest cost of a breach at £6m, followed by those in the Middle East (£4m).
However, the report highlighted that there’s much work still to be done by organizations, with mean time to identify a breach dropping just five days to stand at 163 days. Meantime to contain a breach decreased just three days to reach 64 days.
These stats are important because the longer a breach takes to spot and contain, the more damage can be done and the more expensive it will be to remediate.
IBM claimed that firms able to contain a breach in under 30 days managed to save over £755,000 compared to those who that took more than 30 days.
Incident response and extensive use of encryption also helped to reduce the cost per compromised record by £13 and £12, respectively.
While malicious outsiders caused half of all breaches, organizations should be aware that human error (26%) and system glitches (24%) were responsible for the other half. Although the latter two types of breach were quicker to spot, with better staff training and IT monitoring they remain highly preventable.
IBM breaks down costs into four specific areas: detection and escalation; notification; breach response; and lost business stemming from downtime, damaged reputation and lost customers.
In this regard the indirect costs of a breach (£58 per record) outweighed the direct costs (£50) again this year.