IBM-Funded Study Cites Data Breaches On Average Cost Companies $3.8 Million

Consider it an unfortunate sign of the times we live in that companies have to set aside enormous funds to contend with the cost of cyber related crimes. We're not talking chump change here -- according to a study by security firm Ponemon Institute that was funded by International Business Machines, the average cost of a data breach is now $3.8 million.

That's up from $3.5 million a year ago and includes fees for investigating the breach, hiring experts to fix whatever security issue the hackers exploited, offering credit monitoring services for affected customers, and so forth. It adds up fast and shows why cyber crimes aren't just annoying, but a financial burden in many cases.

Security Breach

What's not included in that $3.8 million figure is any business that might have been lost by potential customers who steered clear of a firm because it was the recent victim of a security breach. It's difficult to put an exact figure on that.

Also not included in the $3.8 million figure are the costs absorbed by major companies like JPMorgan Chase, Target, and Home Depot. The costs for them are much larger -- Target estimates that its high profile breach cost the chain $148 million.

"Most of what's occurring is through organized crime," said Caleb Barlow, vice president of IBM Security. "These are well-funded groups. They work Monday to Friday. They are probably better funded and better staffed than a lot people who are trying to defend against them."

Interestingly, healthcare is the sector that's getting hit the hardest. The average cost per record lost or stolen in healthcare can be as high as $363, versus $154 overall.