Does remote working affect the cost of a data breach?

Since the start of the COVID-19 pandemic, experts have warned that the switch to remote working would negatively affect organisations’ ability to detect and contain security incidents.

Of course, many employers didn’t have a choice. Government guidelines in the UK and many other parts of the world urged people to work from home wherever possible. So what affect has this had on organisations’ cyber security?

According to IBM’s Cost of a Data Breach Report 2020, when the majority of employees work from home, the cost of a data breaches increased by $137,000 (£104,000).

That’s a significant figure, but a relatively low percentage of the overall cost of a data breach, which is £3.9 million on average in the UK and just under £3 million worldwide.

The report also found that the average cost of a data breach per compromised record was $150 (£115), and that data breaches in the healthcare sector are by far the most expensive, with the average incident costing $7.13 million (£5.47 million).

By comparison, the next most costly data breaches were in the energy sector ($6.4 million; £4.91 million) and finance sector ($5.9 million; £4.53 million).

Why remote working affects data breach costs

IBM’s study confirms what was already suspected, with 70% of respondents believing that a remote workforce would increase the cost of a data breach.

There are a couple of reasons this might be the case. For a start, without employees on the premises, it’s harder to spot when something has gone wrong.

Another factor is that incidents may well prevent remote employees from accessing work documents or communicating with colleagues. The disruption could severely affect their productivity or force them to stop working altogether.

Indeed, there is a correlation between the time it takes to respond to a breach and its cost. IBM found that the average time it takes to identify an incident is 280 days, but organisations that can identify and contain it within 200 days save about $1 million (£770,000).

However, this isn’t simply a case of an organisation haemorrhaging money until it plugs the leak. The report also found that 39% of the costs of a data breach come more than a year after the incident occurred.

In other words, the damage caused by a data breach will linger as the organisation addresses ongoing issues – whether that’s a loss of customers, regulatory penalties or making up for lost productivity.

Reduce the cost of a data breach

Organisations coped best with data breaches when they implemented automated tools to detect data breaches and suspicious behaviour, according to IBM.

It found that using artificial intelligence and analytics could save organisations $3.58 million in data breach costs.

Meanwhile, organisations that adopted incident response plans and appointed teams to manage them saved an average of $2 million (£1.54 million) in data breach costs.

Any organisation that’s looking to bolster its cyber security should prioritise these choices. IBM also recommends that you stress-test your incident response plans, ensuring that they are appropriate to the threat.

Looking for data breach response help?

Your ability to detect security incidents and respond to them promptly could be the difference between a minor disruption and a catastrophe.

However, for many organisations, creating and managing an incident response plan can be a daunting task.

But with our Cyber Security as a Service, you can protect your organisation quickly, easily and cost-effectively – all with one simple and affordable annual subscription service.

Our cyber security experts can provide unlimited guidance, so you can be sure that whenever disaster strikes, someone is at hand to help.

Find out more

Subscribe to our Weekly Round-up

No Responses