Cost of an enterprise data breach rises to $1.41 million
New research from Kaspersky finds that the cost of enterprise data breaches has risen from $1.23 million last year to $1.41 million in 2019.
At the same time enterprise organizations have invested more in cybersecurity, with IT security budgets averaging $18.9 million compared to $8.9 million in 2018.
Having a security operations center does help to limit the cost, however. Enterprises with an internal SOC estimate their financial damage from a cyberattack at $675,000, less than half the average impact cost in 2018. Additionally, the survey shows 34 percent of companies of all sizes with a dedicated Data Protection Officer (DPO) report that cyber incidents at their organization did not result in monetary loss.
Outsourced SOCs don't have the same impact though. The survey shows that outsourcing security to a managed service provider (MSP) may actually increase financial impact. 23 percent of companies that use an MSP experienced a financial impact of $100,000 to $249,000 while only 19 percent of businesses with an in-house IT team reported this same level of damage.
"Establishing an internal SOC involves purchasing the necessary tools, building processes and recruiting analysts, which can be a challenge for any business," says Veniamin Levtsov, vice president of corporate business at Kaspersky. "Likewise, finding a DPO who can combine IT security and legal knowledge is not an easy task. These require time and budgets, and security leaders often find it difficult to justify such initiatives. But as we can see, these are worthwhile investments. Of course, just having a dedicated employee or even special subdivision does not guarantee that a company will not suffer a data breach. However, it does ensure that the business is prepared for these incidents, allowing them to recover from an attack more quickly and efficiently."
You can read more on the Kaspersky blog.