Ponemon 2019 Cost of a Data Breach Report


IBM Security and Ponemon Institute have released the 2019 Cost of a Data Breach Report, based on in-depth interviews with more than 500 companies around the world who experienced a data breach between July 2018 and April 2019. The study found that data breaches are costing more, taking longer to identify and contain, and more often resulting from malicious attacks.

And in an increasingly sophisticated threat landscape, an IT security skills shortage and complex security tools make it harder to safeguard your critical data.

For the first time, this year’s report details the “long tail” of a data breach, demonstrating that the costs of a data breach can be felt for years after the incident. The report also examines organizational and security characteristics that can impact the cost of a data breach, including: the complexity of security environments; operational technology (OT) environments; extensive testing of incident response plans; and the process of closely coordinating development, security, and IT operations functions (DevSecOps).

Continuing to build on previous research, the 2019 report examines trends in the root causes of data breaches and the length of time to identify and contain breaches (the breach lifecycle), plus the relationship of those factors to the overall cost of a data breach. Following the 2018 report’s initial examination of “mega breaches” of greater than 1 million lost or stolen records, we continue this research with comparative data for 2019. And for the second year, we examined the cost impacts of security automation, and the state of security automation within different industries and regions.