Factors that influence breach costs

A variety of both positive and negative factors influence the expenses organizations incur as a result of breach, according to the SANS Institute. A lot of it depends on their preparedness, along with the types of data breached and scope of the breach.

“Having a proactive approach to handling security, a data classification program and policy, and a solid response and clean-up plan are significant positive steps organizations can take to reduce the costs and effects of a breach,” says SANS Analyst Barb Filkins.

The type of data accessed and/or exfiltrated in the breach strongly impacts post-breach costs. For 58% of the incidents reported in this survey, two or more types of sensitive, regulated data (such as financial data and personal identifiable data) were compromised, so fines, judgments and other expenses may increase over the costs of one sensitive data type being exposed.

There are also some factors that tend to increase the expense associated with a breach, including disruption of work, time for remediation and media attention, to name just a few.

Filkins continues, “We took a close look at the results for breaches of fewer than 1,000 records, the largest group within our survey sample, and found the results enlightening.”

For the largest group—those that exposed fewer than 1,000 records—only 20% had their breaches covered in the media.

For the vast majority (94%), there were no regulatory proceedings, judgments, fines or penalties associated with the breach. Yet the respondents incurred total expenses that range from under $1,000 to falling within the range of $1 million to $10 million.

Cyber insurance is also a determining factor in post-breach costs, yet 60% did not have commercial cyber insurance because they found it hard to acquire.