Study quantifies business continuity management benefits during a data breach
- Published: Tuesday, 04 July 2017 08:22
A Ponemon Institute study has examined the impact of business continuity management (BCM) on the cost of a data breach. Sponsored by IBM, the global study revealed that companies using BCM and disaster recovery services reduces the total average time to identify and contain a data breach incident by 78 days resulting in total average savings over that response time period of $394,922. The average total cost of data breach with BCM involvement was $3.35 million, significantly less than the $3.94 million cost for companies operating without BCM programs.
The study surveyed 1,900 individuals from 419 companies in 16 countries. Of the 419 companies, 226 companies self-reported they have BCM involvement in resolving the consequences of a data breach. Of these companies, 95 percent rate BCM involvement as very significant (65 percent) or significant (30 percent).
"Executing business continuity management strategies to respond to data breach incidents is increasingly a top business priority for companies worldwide," says Laurence Guihard-Joly, general manager of IBM Global Resiliency Services. "Automating and orchestrating these disaster recovery and business continuity plans will help to not just protect sensitive data, but also ultimately boost productivity, strengthen competitiveness in the marketplace, and deliver greater return on investment in the long term."
Additional key findings:
- 95 percent of companies surveyed indicated that uniting their business continuity management and IT security functions (BCM/cybersecurity cooperation, crisis management expertise across departments, joint cyber-simulation testing) had a significant impact on mitigating the effects of a data breach.
- The average cost per lost or stolen record can be as high as $152. With business continuity management involvement the average cost can be as low as $130.
- 76 percent of companies surveyed without business continuity management involvement had a material disruption to business operations. This decreases to 55 percent for companies involving BCM in advance of the data breach.
- 52 percent of companies surveyed with business continuity management involvement said their reputation or brand had been negatively impacted because of a data breach. However, 62 percent of companies without BCM involvement said their organization's brand and reputation was negatively affected.
View the full study results (registration required).