If your company isn’t taking important steps to protect against a potential data breach, it might be time to worry – attacks on businesses and organizations are increasing, and so are their costs.

According to a new study by the Ponemon Institute, an average cost of a “regular” breach ranges from $2.2 million to $6.9 million, while so-called “mega breaches” (including more than 1 million stolen records) can cost companies hundreds of millions of dollars. From $40 million to $350 million, to be precise. While the actual cost of an attack mostly depends on the number of accounts compromised, there are other factors that shape the final numbers.

Location. Last year U.S. companies experienced the most expensive data breaches, followed by the Middle East countries. Meanwhile, in Brazil and India, the costs were a few times lower.

Industry. Contrary to what many think, the business sector isn’t the most suffering target. According to the study, healthcare organizations have the highest expenses associated with cybercrimes. While the industry average last year was $148 per capita, the price was nearly three times higher for such organizations, costing $408 for every stolen record.

Response time. The research shows that companies that managed to identify and contain a breach in less than a month were able to save $1 million compared to ones that took longer to respond. Unfortunately, the practice shows that most organizations take around 266 days to resolve the problem.

Additional loses. Besides the direct financial damage, falling victim to a data breach often comes with secondary consequences, such as disrupted operations, damage to brand’s reputation, credit-card re-issuing, identity theft repair and other expenses.

Time is money: How to avoid spending millions on a data breach

While data breaches are becoming more expensive and widespread, many organizations still lack incident response plans and the proper tools to stop an attack before it does more damage.

The first step towards better security is understanding the potential risk and how much simple ignorance could cost your organization. And then come the steps crucial for preventing the next breach, or at least reducing the damage if hit by a cyber attack.

Data breach security checklist

  • Assemble an incident response team and define a breach response strategy. In the event of an attack, you will be in a better position to reduce the damage and expenses.
  • Stay up to date. New attacks pop up every single day, and you can never know which one will hit you. Therefore, it’s important to be aware of what’s happening in the cybersecurity landscape.
  • Train your staff. When it comes to breaches, people are often seen as the weakest link. Companies should organize regular cybersecurity training so that everyone in the organization would be able to identify a threat and know what to do once they face one.
  • Browse with VPN. The virtual private network (VPN) will redirect your Internet traffic through an encrypted tunnel, securing your communications from being monitored and intercepted by malicious actors and other snoopers.
  • Use vulnerability detection software. Acunetix Vulnerability Scanner automatically crawls and scans websites and web applications for dangerous vulnerabilities that can compromise your sensitive data.

As all of the tips show, preventing data breaches from hitting your organization isn’t rocket science. When you know what to expect and have reliable tools on your side, you can spot a breach much faster and take control of the situation to save your data, money, and reputation.

Harold Kilpatrick
Cybersecurity Consultant and a Freelance Blogger
Harold Kilpatrick is a cybersecurity consultant and a freelance blogger. He’s currently working on a cybersecurity campaign to raise awareness around the threats that businesses can face online.