Data breaches can result in dire financial repercussions for any organisation that has to deal with sensitive data, whether that be personally identifiable information (PII), personal health information (PHI), payment details, or other similar data. Depending on the number of records compromised, the costs range anywhere from tens of thousands to hundreds of millions of dollars.
The latest Ponemon study, sponsored by IBM and released in July 2018, calculates the full cost of “mega breaches” (involving more than 1 million lost records) to be $350 million. This figure takes into account the more evident cyber incident expenses such as those for technical investigation, customer breach notification and credit monitoring, regulatory fines and litigation services, among many others. The organisation would also have to cover the cost of investing additional resources into network security improvements.