Average cost of a data breach in Middle East stands at $4.94 million

Average cost of a data breach in Middle East stands at $4.94 million

Ping Identity, the leader in identity defined security, has released results of the Ping Identity 2018 Consumer Survey: Attitudes and Behavior in a Post-Breach Era, unveiling consumer sentiments and behaviours toward security and brands impacted by data breaches

Malicious or criminal attacks are the most frequent cause of data breach in the Middle East

IBM Security has announced the results of a Middle East study exploring the implications and effects of data breaches on businesses located in Saudi Arabia and the United Arab Emirates (UAE).

Sponsored by IBM Security and conducted by Ponemon Institute, the study found that the average cost of a data breach in Saudi Arabia and the UAE combined is $4.94 million, a 6.9% increase since 2016.

According to the study, these data breaches cost companies $154.7 per lost or stolen record on average.

This year’s annual study was conducted in 11 countries and combined two regions: The United States, Germany, Canada, France, the United Kingdom, Italy, Japan, Australia, the Middle East (Saudi Arabia and the UAE combined), Brazil, India, South Africa and ASEAN (Association of Southeast Asian Nations).

When compared to other markets, organisations in Saudi Arabia and the UAE saw the second highest average cost of a data breach at $4.94 million, have the highest direct per capita cost ($81) and are amongst the top markets that spend the most ($1.43 million) on post data breach response.

The 2017 Cost of Data Breach report also revealed that malicious or criminal attacks are the most frequent cause of data breach in Saudi Arabia and the UAE. Fifty-nine % of incidents involved data theft or criminal misuse.

These types of incidents cost companies $171.7 per compromised record, compared to $130.7 and $128.5 per compromised record as a result of a breach caused by system glitch or employee negligence, respectively.

Top factors that contributed to the increase of cost of a data breach in Saudi Arabia and the UAE include compliance failures and the extensive use of mobile platforms. Companies reported that compliance failures and the extensive use of mobile platforms increased the cost of each compromised record by $10.4 and $12.8, respectively.

Saeed Agha, Security Business Unit Leader, IBM Gulf and Levant, said: “Data protection continues to be a challenge as businesses hold more and more sensitive information, pushing cyber security higher up the agenda.

“According to the study, malicious or cyber attacks are a major cause of data breach in Saudi Arabia and the UAE. Such attacks are financially damaging and present great threat to the reputation of organisations. It is important to start looking at security hygiene measures as an opportunity to avoid falling victim to the next big security threat rather than a nuisance.”

Time Is Money: Containing Data Breaches

The study found that having an Incident Response (IR) Team in place significantly reduced the cost of a data breach, saving more than $19 per lost or stolen record globally. The speed at which a breach can be identified and contained is in large part due to the use of an IR team and having a formal Incident Response plan. IR teams can assist organisations to navigate the complicated aspects of containing a data breach to mitigate further losses.

According to the study, how quickly an organisation can contain data breach incidents has a direct impact on financial consequences. Globally, the cost of a data breach was nearly $1 million lower on average for organisations that were able to contain a data breach in fewer than 30 days compared to those that took longer than 30 days.

With such significant cost savings in mind, the study revealed that there is room for improvement with organisations when it comes to the time to identify and respond to a breach. On average, organisations in Saudi Arabia and the UAE took 245 days to identify a breach, and 80 additional days to contain a breach once discovered.

Additional Key Findings from 2017 Cost of a Data Breach Report

  • By Industry, Services, Financial Services and Technology Breaches Most Costly: In Saudi Arabia and the UAE, services, financial services and technology have topped the list as the most expensive industry for data breaches, costing organisations $3, $201.1 and $184.5 per record, respectively.
  • Top Factors Reducing Cost of a Breach: In Saudi Arabia and the UAE, Certified Protection Officer (CPO) appointment and the use of security analytics were the factors shown to have the most impact on reducing the cost of a data breach. The appointment of a CPO and the use of security analytics resulted in $2.4 and $8.3 reduction in cost per lost or stolen record, respectively.

 Uncovering the Cost of a Data Breach

The annual Cost of Data Breach study examines both direct and indirect costs to companies in dealing with a single data breach incident. Through in-depth interviews with more than 410 companies in 13 countries or regions, the study factors in costs associated with breach response activities, as well as reputational damage and the cost of lost business.

“Data breaches and the implications associated continue to be an unfortunate reality for today’s businesses,” said Dr. Larry Ponemon.

“Year-over-year we see the tremendous cost burden that organisations face following a data breach. Details from the report illustrate factors that impact the cost of a data breach, and as part of an organisation’s overall security strategy, they should consider these factors as they determine overall security strategy and ongoing investments in technology and services.”

Download Full Reports & Register for the Webinar

To download the 2017 Cost of a Data Breach Study: Middle East (Saudi Arabia and the UAE), visit here.

Country-specific reports are also available for: Global, the United States, United Kingdom, Germany, Australia, France, Brazil, Japan, Italy, India, Canada, South Africa, and, for the first time, the Southeast Asian region (Singapore, Indonesia, the Philippines and Malaysia).

To explore and interact with findings from the 2017 report, visit the IBM Security Data Breach Calculator, an interactive tool that allows you to manipulate report data and visualize the cost of a data breach across locations and industries, and understand how different factors affect breach costs.

Browse our latest issue

Intelligent CISO

View Magazine Archive