The average data breach costs a company $3.92 million.
This is according to a new annual study released by IBM Security, which argues that although the financial effects may not be immediately apparent, they can pile up over the years as companies take multiple steps to get their security in order.
The costs include hiring a third-party cyber-forensics organisation, legal costs, one-time investments in security, as well as compensation and government-issued penalties.
In the past five years, these costs have risen 12 per cent.
Medium-sized organisations, those with up to 500 members of staff, lost roughly $2.5 million on average. IBM Security says that for smaller organisations, this can burn a hole in their wallet, with effects that could be felt for years.
On average, two thirds (67 per cent) of expenses are realised in the first year after the breach. A fifth (22 per cent) is felt in the second year, and the remaining 11 per cent in the subsequent years.
Companies in the healthcare, financial services, pharmaceutical and energy industries are the most likely to face additional costs over time. Firms in the US usually end up paying more than those located elsewhere on the planet.
On average, organisations need to pay a penalty of $150 per stolen record. Given that hackers usually steal millions of records, the cost can become astronomical really fast.