WHAT TYPE OF ATTACKS ARE THE MOST EXPENSIVE? 

Average total costs

$5.01M, business email compromise attacks

$4.65M, phishing attacks

$4.61M, malicious insiders

$4.47M, social engineering

$4.37M, compromised credentials 

WHAT’S THE LINK BETWEEN BREACHES AND WORKING FROM HOME? 

Remote work can leave the network more vulnerable to attacks.

$5.54M average cost of breach at organizations with 81%-100% of employees working remotely

$4.39M average cost of breach with 61%-80% of employees working remotely

$1M average higher cost for breaches that involve remote working

WHAT DIFFERENCE DO SECURITY AND CLOUD ENVIRONMENTS MAKE?

80% cost difference where security AI and automation were fully deployed

$3.61M, average cost of breach in hybrid cloud environments; $1.19M less than public cloud breaches

WHAT ARE THE SOLUTIONS?

• Take a “zero trust” security approach. Organizations with a mature stage of zero trust deployment had an average breach cost $1.76M less than others.
• Stress test incident response plans to increase cyber resilience. Those that took this measure had an average breach cost $2.46M less than others.
• Implement security orchestration, automation and response (SOAR) to improve detection and response times.
• Use tools that protect and monitor remote employees’ technology endpoints.
• Invest in governance, risk management and compliance programs.
• Use encryption to protect sensitive data in cloud environments.
• Optimize an open security architecture.
• Minimize the complexity of IT and security environments.

Source: “Cost of a Data Breach Report, 2021.” Research by Ponemon Institute, sponsored by IBM Security, July 2021.