Are the Bad Guys Winning?

The results are in and the answer is yes! The Ponemon Institute interviewed more than 2,200 IT, data protection, and compliance professionals from over 450 companies that had a recent data breach, and its 2018 Cost of a Data Breach Study: Global Overview reveals lessons from which we can all learn.

Statistics Are More Than Just Numbers – They’re Consequences

  • The average total cost of a breach in the U.S. is $7.91 million (more than double the global average of $3.86 million).
  • Data breach costs have increased by 6.4 percent from 2017.
  • The number of compromised records rose by 2.2 percent.
  • Heavily regulated industries, such as healthcare and financial organizations, pay substantially more than other industries when data is compromised.
  • A data breach due to malicious or criminal activity costs $157 per record, while breaches caused by system and human errors cost $131 and $128 per record, respectively.

Key Factors That Influence Cost and What You Can Do

These days, it’s not a matter of if but when a breach will happen to you. The Study offers helpful tips to reduce the cost in the event of a breach.

  1. Pay less by finding and fixing it fast

The Study found that the quicker a company acts, the less a breach may ultimately cost. Companies that identified a breach in less than 100 days saved more than $1 million. Likewise, organizations that contained or resolved a breach in less than 30 days saved more than $1 million. Consider an intrusion detection system (IDS) to monitor your environment for malicious activity or policy violations, so you can quickly identify any unauthorized access and save money in the long run.

  2. Create an incident response team

The Study also found that having a capable incident response (IR) team reduced the cost of a breach by almost $14 per compromised record. That may not sound like a lot, but multiply it by the average number of records compromised during a breach, and the numbers quickly add up. If you don’t have an IR plan and team in place, build one and test it regularly. The Study provides tips for building a business case for an Initial Response Plan, so you can quantify why your organization needs one.

  3. Encryption cuts costs even further

Want to bring that per-record cost down even more? Encryption reduced costs by $13 per record. Encrypting stored personally identifiable information saves you legal and notification costs should an incident occur.

  4. Limit your dependence on these factors

Third-party involvement, extensive cloud migration, compliance failure, and the extensive use of mobile platforms all increase the cost of a data breach.

The Study is an annual reminder that, while breaches are expensive, certain measures can be taken to reduce the costs that follow. Download a complete copy of the Study at https://www.ibm.com/security/data-breach to learn how your organization can put its findings to work.

  5. Make sure you have insurance

Make sure you are protected with an insurance policy. A CyberRisk insurance policy will not only cover you for the costs of a data breach, but will also provide you with knowledgeable experts and legal advice to take the actions you need.

CAP Physicians Insurance Agency can provide you with CyberRisk Insurance designed to complement the $50,000 insurance coverage benefit you get with your CAP membership, and it is surprisingly affordable. Give us a call at 800-819-0061 or e-mail us at CAPAgency@CAPPhysicians.com today to make sure you have the coverage you need to protect your practice.