Reports

Reading the 2020 Cost of a Data Breach Report

2020 Cost of a Data Breach Report: the global total cost of a data breach averaged $3.86 million in 2020, down about 1.5% from the 2019 study.

Every year, I write about the annual report published by the Ponemon Institute on the cost of a data breach, it is a very interesting study that explores the economic impact of a “data breach.”

This year the researchers analyzed 524 breaches that occurred between August 2019 and April 2020, in organizations of all sizes, across 17 geographies and 17 industries. 

According to the 2020 Cost of a Data Breach Report, the global total cost of a data breach averaged $3.86 million in 2020, down about 1.5% from the 2019 study. Victim organizations The average time to identify and contain a data breach was 280 days in the 2020 study, quite identical to 2019 (279).

This year, the experts analyzed the impact of vulnerability testing and red team testing on the cost of a data breach and discovered that conducting red team testing could allow reducing average costs of about $243,000, while conducting vulnerability testing could allow reducing costs of about $173,000.

The report for the first time explores the cost impact of remote work and the security skills shortage.

“Organizations with remote work arrangements cited costs that were nearly $137,000 higher than the global average of $3.86 million, while organizations estimated that the security skill shortage increased costs by an average of $257,000 compared to the global average.” reads the post published by IBM that introduces the report.

For the first time, the report goes deep into analyzing the per-record cost of a data breach based on the type of records involved. The experts pointed out that the customer personally identifiable information (PII) was the most expensive type of record. The customer PII records have a cost of an average $150 per lost or stolen record, followed by intellectual property records ($147), anonymized customer records ($143) or employee PII ($141). Unfortunately, customer PII was present in 80% of the incident analyzed.

52% of data breaches observed in 2020 were caused by malicious attacks.

The analysis of the attack vectors revealed that most prominent ones were compromised credentials (19% of malicious breaches), cloud misconfiguration (19%) and vulnerabilities in third-party software (16%).

For the first time, the report analyzed the cost of breaches involving destructive malware, experts estimated that the average destructive malware breach cost $4.52 million and the average ransomware breach cost $4.44 million. The overall average cost of a malicious breach was $4.27 million.

You can explore the impacts of these cost factors and more – some that amplify costs and others that mitigate costs – using the interactive cost calculator that is a companion to this year’s report. You can register to access the full calculator to see the estimated impact of 25 cost factors on the average cost of a data breach in 17 geographies and 14 industries.See the 2020 Cost of a Data Breach report and calculator.

Another novelty for the 2020 Cost of a Data Breach Report is represented in the analysis of data breach based on the type of attacker.

Most of the malicious breach was caused by financially motivated threat actors (53%), followed by nation-state actors (13%) and hacktivist threat actors (13%). According to the experts, the average cost of a breach was higher for state-sponsored breaches ($4.43 million) and hacktivist breaches ($4.28 million) than financially motivated breaches ($4.23 million).

Let me suggest reading the full Cost of a Data Breach Report, which contains a lot of interesting data. IBM Security also implements an interactive calculator, a global map and other tools for exploring the data for insights and recommendations.

The complete report is available here.

[adrotate banner=”9″][adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Cost of data breach)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.

Recent Posts

A cyber attack briefly disrupted South African Airways operations

A cyberattack briefly disrupted South African Airways' website, app, and systems, but core flight operations…

17 hours ago

Cybercriminal services target end-of-life routers, FBI warns

The FBI warns that attackers are using end-of-life routers to deploy malware and turn them…

23 hours ago

Russia-linked ColdRiver used LostKeys malware in recent attacks<gwmw style="display:none;"></gwmw>

Since early 2025, Russia-linked ColdRiver has used LostKeys malware to steal files in espionage attacks…

1 day ago

SonicWall fixed SMA 100 flaws that could be chained to execute arbitrary code

SonicWall addressed three SMA 100 flaws, including a potential zero-day, that could allow remote code…

1 day ago

The LockBit ransomware site was breached, database dump was leaked online

Lockbit ransomware group has been compromised, attackers stole and leaked data contained in the backend…

2 days ago

Cisco fixed a critical flaw in its IOS XE Wireless Controller

Cisco addressed a flaw in its IOS XE Wireless Controller that could enable an unauthenticated,…

2 days ago