When a security incident occurs, it often results in a host of unexpected direct and indirect costs for the impacted organization. Those expenses may include the cost to hire a third-party digital forensics and incident response (DFIR) firm, the cost to remediate the incident, and the cost of new cybersecurity protections. But the true cost of a breach doesn’t stop there. Victims of successful attacks can also suffer lost revenue, unplanned audit expenses, and can be hit with regulatory fines, legal fees, higher insurance premiums, reputational damage, professional crisis management and PR fees.
Despite the many and varied costs associated with a security incident, generally accepted industry research on the cost of a data breach focuses on the number of records stolen or people affected, which appears to have the effect of underestimating the true cost of a data breach. For example, IBM’s Cost of a Data Breach Report from 2022 found the average cost of a data breach in the U.S. to be $9.44 million.1 Meanwhile, security practitioners have seen about a dozen cases over the past four years in which the reported costs of various incidents have run into the hundreds of millions of dollars.
Download The True Cost of a Security Breach Whitepaper