General Data Protection Regulation (GDPR)

Seven Data Breach Lessons from research studies: What does a data breach cost?


Blogpost by Laura Begieneman, Senior Consultant Cyber Security & Data Privacy @IBM Security

Two questions keep coming back when I meet customers and partners in GDPR-related sessions. First, when it comes to preparing for GDPR: where to start? Second, what is the true financial impact of a data breach?

On the first topic, I recently started a blog series in which we break down GDPR into nine digestible use cases. The first and second blogs can be found here; the third will be published next week.

On the question of financial impact, IBM Security just published a very insightful study called the 2016 Cost of Data Breach report. Our goal in this annual research is to help organizations understand the costs associated with data breach incidents.

This study covers 383 companies across 16 industries and in 12 different countries. While, unfortunately, Benelux countries are still outside the scope, there is a lot to be learned from looking at the other European countries, such as Germany, UK and France.

Click here to learn how our study quantifies the economic impacts of data breaches and observes cost trends over time.

This is not the first time we have published this study. Over the many years of studying the data breach experiences of more than 2,000 organizations, we drew seven key conclusions:

  1. Data breaches are a consistent cost of doing business and need to be incorporated into data protection strategies.
  2. The biggest financial consequence is lost business. Following a breach, enterprises need to take steps to restore customers’ trust.
  3. Most data breaches are caused by malicious attacks. These breaches take the most time to detect and have the highest cost per record.
  4. The longer it takes to detect a data breach, the more costly it becomes to resolve.
  5. Highly regulated industries (e.g. healthcare, finance) have the most costly data breaches because of fines and the higher-than-average rate of lost business and customers.
  6. Improvements in data governance initiatives will reduce the cost of data breach.
  7. Investments in data loss prevention controls such as encryption and endpoint security are key in preventing data breaches.


Clients are responsible for ensuring their own compliance with various laws and regulations, including the European Union General Data Protection Regulation. Clients are solely responsible for obtaining advice of competent legal counsel as to the identification and interpretation of any relevant laws and regulations that may affect the clients’ business and any actions the clients may need to take to comply with such laws and regulations.  The products, services, and other capabilities described herein are not suitable for all client situations and may have restricted availability. IBM does not provide legal, accounting or auditing advice or represent or warrant that its services or products will ensure that clients are in compliance with any law or regulation.
Learn more about IBM’s own GDPR readiness journey and our GDPR capabilities and offerings to support your compliance journey here.
