R46 million — The cost of a data breach at a South African company

The average data breach costs a South African company R46 million and takes around eight months to detect and contain, a new study from IBM Security has found.
The 2021 Cost of a Data Breach Report, conducted by the Ponemon Institute, is based on an in-depth analysis of real-world data breaches experienced by organisations in South Africa.
The study suggested that security incidents at organisations have become more costly and harder to contain due to big operational shifts, increasing costs to South African companies by 15% compared to 2020.
According to the report, the average time it took a South African company to recover from a data breach was 237 days — 184 to detect and a further 53 to contain. This is the longest this average has been in six years.
It also found that containing a breach in under 200 days could save a company almost R7 million, while each lost or stolen record cost around R2,300.
Data breaches in the financial, industrial and services industries were the most expensive by industry, at R1,548 per record.
Sheldon Hand, IBM Southern Africa head of data, AI, automation, and security, said that South African organisations have growing remote workforces, which led to more sensitive data moving across less controlled environments.
“Organisations need to double down on protecting their most valuable data – whether it's customer, employee and company information – and ensure they have advanced security processes, like automation and formal incident response teams, in place.”
The report’s findings indicate that business security may have lagged behind these rapid IT changes, hindering organisations’ ability to respond to data breaches.

Sheldon Hand, Data, AI, Automation and Security Business Unit Leader for IBM Southern Africa
The researchers identified several trends among South African organisations which impacted their susceptibility to data breaches:
Remote work impact
Companies with more than 50% remote work adoption took longer to identify data breaches, on average taking 214 days to identify them and 52 days to contain them.
Compromised credentials
Compromised business emails were the most common method of attack to breach companies in the study — costing organisations over R71 million on average.
Malicious insider attacks, social engineering, and vulnerabilities in third-party software were some of the other primary initial attack methods for data breaches, with all three costing above R50 million on average.
Modernising lowered costs
The adoption of AI, encryption, incident response testing and cyber-resilience were the top mitigating factors that reduced breach costs, saving companies between R2.7 million and R3.3 million compared to those that did not have significant usage of these tools.
Although certain IT shifts during the pandemic increased data breach costs, organisations that did not implement any digital transformation projects to modernise their business operations incurred higher data breach costs.
At organisations that had not undergone any digital transformation due to Covid-19, the breach cost was R10 million higher than the average, compared to those at a mature stage.
The study also pointed out two specific measures that allowed companies to better deal with data breaches.
Firstly, organisations using a zero-trust security approach, which uses AI and analytics to continuously validate connections between users, data and resources, had an average data breach cost of R29 million, R25 million less than those not using this approach.
Secondly, incident response teams and plans also reduced data breach costs among the studied companies.
“Companies with an incident response team that also tested their incident response plan managed to save R3 million in the case of a data breach, while those that had put an incident response team in place cut the average cost by R2.7 million,” IBM Security stated.