With all of the unexpected changes occurring in 2020, some things remain the same. For its 15th year, the Ponemon Institute has conducted research to produce the annual Cost of Data Breach report published by IBM Security. This report provides a detailed view of the financial impacts, and risks security incidents can have on organizations.
This year's report enlists 524 organizations that have encountered data breaches between August 2019 and April 2020. The 2020 report demonstrates consistency with previous research from the last few years. The global cost of a data breach, which averaged $3.86M this year, was decreased by about 1.5% from 2019. Among that, the average time to identify and contain a data breach went from 279 days to 280 days in a year. Despite the availability of new technology, the response time has not changed within the past five years.
This report shows how customer personally identifiable information (PII) was the most expensive type of record. This year, the average cost of a lost or stolen record is $150. Customer PII was also the most frequently compromised data, showing up in 80% of analyzed data breaches. With SecureCircle, Customer PII data is protected by default. SecureCircle is data-centric, so when data including PII information is copied from one protected file to another, protection follows the actual data.
Malicious attacks slightly increased from 51% to 52% in 2020. Data breaches due to compromised credentials averaged $4.77 million, third-party vulnerabilities averaged $4.53 million, and cloud misconfiguration averaged $4.41 million.
With many organizations switching to a remote workforce, 76% of organizations from the report believe that the cost of data breaches will only increase. The report predicts that with a remote workforce, responding and containing a data breach will be much more difficult and time-consuming. With the research and findings of the report, organizations should realize the dangers of data breaches. Tools like SecureCircle should be deployed in these organizations to reduce risks with automated data protection. SecureCircle's Zero Trust framework protects data by default without any user interaction required. All data downloaded to employees' devices at home are protected automatically - whether the data is downloaded from a SaaS or cloud application, a corporate file server, or created on the endpoint. Adhering to Zero Trust, SecureCircle doesn't believe in safe and unsafe network locations. Data security is applied to devices at home with the same protection as devices inside the corporate network.
The data breach report highlights that many enterprises are still having trouble protecting data that should never leave an organization. Architecture's like Zero Trust focus on not automatically trusting anything inside or outside its perimeters and instead verify every action.
SecureCircle persistently protects all data by default. All permissions can be changed in real-time regardless of the location of the data. Protection is transparent to end-users with no change to the workflow. All file types and applications are supported by default, with no development required. SecureCircle is the only data protection that adheres to Zero Trust.