We recently posted a blog discussing how web application attacks have become the #1 source of data breaches out of all cyber attack vectors.
Now, new research helps organizations not just to be aware of the threat, but also put a price tag on it: $158 per stolen record. This means that even a small-scale data breach of 10,000 records can cost your company upwards of $1.5M for a single incident.
Moreover, the 2016 Cost of Data Breach Study, conducted by the Ponemon Institute and sponsored by IBM, found that under certain situations costs can be considerably higher. For example, if the breach was a result of malicious activity or a criminal attack, the average cost jumps to $170 per stolen record.
In addition, certain industries such as healthcare, finance and retail also had higher-than-average costs due to the highly sensitive nature of their data. The average data breach cost in healthcare was $355 per record, in financial services $221 per record, and in retail $172 per record. Certain countries are also more expensive than others, with the U.S. topping the list at $221 per record.
The Ponemon Institute offers a number of key recommendations for companies to mitigate the chance of a data breach occurring. Internally, the study recommends having an incident response plan in place, appointing a dedicated chief information security officer (CISO), employing encryption, and putting in place data loss prevention (DLP) mechanisms.
Applied to a customer-facing web environment, there are a number of takeaways that can be applied based on these recommendations:
Verizon Digital Media Services provides a wide array of security solutions that help defend against data breaches. Our products offer a comprehensive suite of tools to protect your website, including an enterprise-grade WAF, anti-DDoS protection, DNS protection, traffic encryption, and dynamic content acceleration over a PCI-certified network dedicated for enterprises.
Contact us to learn more how Verizon can help you defend your website.
Vikas Phonsa, Sr Product Manager – Security Solutions
Eyal Arazi, Product Marketing Manager – Security