The cost of data breach has reached an all time high in India and has averaged INR 176 million in the year 2022. This is an increase of 6.6 percent from last year, when the average cost of a breach was 165 million. The average cost has climbed 25 per cent from 140 million in 2020, as per the 2022 Cost of a Data Breach Report by IBM Security.
The report points out that the average per record cost of a data breach also hit an eleven year high and India’s average per record cost of a data breach in 2022 was Rs 6,100, a 3.3 per cent increase from Rs 5,900 in 2021. The increase from Rs 5,522 in 2020 is an increase of 10.4 per cent. As per the report, there were also record number of 29,500 data breached in 2022. The three industries per record cost were the industrial, services and the technology sector.
There has also been an increase in post breach response costs that surpassed other costs as the largest of four cost categories comprising the cost of a data breach, continuously for the 6th year. As per the report, the top three primary initial attack vector for data breach were the stolen or compromised credentials, phishing and accidental data loss or lost device. Interestingly, the average mean time to identify a data breach decreased from 239 to 221 days and the average mean time to contain a data breach increased from 81 to 82 days.
The report also pointed out that organizations with less than 50 per cent remote work adoption took 212 days as the average mean time to identify a data breach and 75 days as the average mean time to contain a data breach. However, organizations with over 50 per cent remote work adoption took 266 days as the average mean time to identify a data breach and 91 days as the average mean time to contain a data breach.
The IBM report further points out that the organizations in India who are in the mature stages of adopting zero trust deployment witnessed Rs 151 million as the total cost of a data breach as compared to organizations who have not yet started zero trust deployment and witnessed Rs 246 millions as the total cost of data breach. This cost was Rs 95 million more than breaches at mature organizations, a difference of 62.9 per cent.
“We have reached a point where cyberattacks are evolving into market stressors, hurting the economy. Sixty per cent of global businesses have raised their prices as a result of the data breach, contributing to inflation, and inadvertently passing the cost on to customers. Hackers are exploiting these circumstances to force organizations to pay ransoms, which is further compounded by the cyber skills shortage. Essentially, this is all leading to the creation of a “cyber tax” – where businesses can pass some of the costs of a breach on to the consumer,” remarked Viswanath Ramaswamy, Vice President, Technology, IBM Technology Sales, IBM India and South Asia.
He added that businesses cannot evade cyberattacks. Keeping security capabilities flexible enough to match attacker agility will be the biggest challenge as the industry moves forward. “To stay on top of growing cybersecurity challenges investment in zero-trust deployments, mature security practices, and AI-based platforms can help make all the difference when businesses are attacked,” said Ramaswamy.
The report also pointed that at the global level phishing had become the costliest breach cause and healthcare breach costs had hit the double digits for the first time ever in the 12th year in a row. Healthcare participants saw the costliest breaches among industries with average breach costs in healthcare increasing by nearly $1 million to reach a record high of $10.1 million. It was also found that there was also insufficient security staffing and sixty-two percent of studied organizations stated they are not sufficiently staffed to meet their security needs, averaging $ 550,000 more in breach costs than those that state they are sufficiently staffed.