The 2018 Cost of a Data Breach Study from Ponemon Institute is now available.

IBM is proud to sponsor the eleventh annual Cost of a Data Breach Study, the industry’s gold-standard benchmark research, independently conducted by Ponemon Institute.

This year’s study found the average consolidated total cost of a data breach is $4 million. The study also reports that the cost incurred for each lost or stolen record containing sensitive and confidential information increased from a consolidated average of $154 to $158. In addition to cost data, the global study puts the likelihood of a material data breach involving 10,000 lost or stolen records in the next 24 months at 26 percent.

The research involved the collection of detailed information about the financial consequences of a data breach. For purposes of this research, a data breach occurs when sensitive, protected or confidential data is lost or stolen and put at risk. Over a 10-month period, Ponemon Institute researchers interviewed IT, compliance and information security practitioners representing 383 organizations in 12 countries: United States, United Kingdom, Germany, Australia, France, Brazil, Japan, Italy, India, the Arabian region (a consolidation of organizations in the United Arab Emirates and Saudi Arabia), Canada and for the first time, South Africa.

Read the 2016 Cost of a Data Breach report to learn:

  • The average costs and consequences related to experiencing a data breach incident.
  • Seven global mega trends in the cost of data breach research.
  • The most common factors that influence and can limit the cost of a breach.

Download the 2018 Cost of a Data Breach Study from Ponemon Institute

More from

Cloud Workload Protection Platforms: An Essential Shield

2 min read - Businesses of all sizes increasingly rely on cloud computing to power their operations. This shift has brought with it a new set of security challenges. To protect their workloads in the cloud, many of these businesses are deploying a critical tool for cloud security: cloud workload protection platforms (CWPPs).What are Cloud Workload Protection Platforms?CWPPs are comprehensive security solutions designed specifically for cloud-based environments. They provide advanced protection and threat detection capabilities to safeguard cloud workloads and guarantee the confidentiality, integrity…

2 min read

Is Open-Source Security a Ticking Cyber Time Bomb?

4 min read - Software depends on layers of code, and much of that code comes from open-source libraries. According to an Octoverse 2022 report, open-source code is used in 97% of applications. Not only do developers embrace open source, but so do nine in 10 companies. “Open-source software is the foundation of 99% of the world’s software,” Martin Woodward, VP of developer relations at GitHub, told VentureBeat.As the foundation of just about every piece of software, every application or device runs on code that…

4 min read

Threat Sharing Evolution: How Groups Offer Less Risk and Better Intelligence to Members

16 min read - Listen to this podcast on Apple Podcasts, Spotify or wherever you find your favorite audio content. In 2019, the World Economic Forum advocated for increased threat intelligence sharing by arguing that cybersecurity is a “public good.” Meaning, if organizations — both public and private — share threat information across groups, everyone has a clearer picture of the threat landscape and with it, the ability to better defend against increasingly aggressive and sophisticated threat actors. In response, multiple threat-sharing groups have sprung to life,…

16 min read

How to Manage Cyber Risk During Mergers and Acquisitions

4 min read - By attracting attention from threat actors, merger and acquisition (M&A) events are a significant source of cyber crime risk. So much so that, according to a 2020 IBM Institute of Business Value study, more than one in three executives said they experienced data breaches that can be attributed to M&A activity during integration.Security ratings, provided by security rating services (SRS), can deliver an overview of risk to stakeholders. But attack surface management (ASM) tools give security teams actionable insight on…

4 min read