×

Cost of data breaches hits $4 million on average: IBM

International Business Machines Corp. (IBM)
Scott Eells | Bloomberg | Getty Images

Getting hacked is getting really expensive.

The average cost of a data breach hit $4 million, representing a 29 percent increase since 2013, according to IBM Security, which release a report on the topic Wednesday.

That's approximately $158 for every lost or stolen record. In highly regulated industries like healthcare, the cost of a breach can be as much as $355 per record, $100 more than in 2013, the report said.

"Cybersecurity incidents continue to grow in both volume and sophistication," Amanda Carl, IBM's corporate communications officer wrote in the report, "with 64 percent more security incidents reported in 2015 than in 2014."

The current process of responding to a breach is extremely complex and time consuming if not properly planned for, the report said.

The average time to identify a breach in the study was 201 days, and the average time to contain a breach was 70 days.

According to the study, leveraging an incident response team was the single biggest factor associated with reducing the cost of a data breach, which saved companies nearly $400,000 on average or $16 per record.

Response activities like incident forensics, communications, legal expenditures and regulatory mandates account for 59 percent of the cost of a data breach. Part of these high costs may be linked to the fact that 70 percent of U.S. security executives report they don't have incident response plans in place, according to the report.

The study also found that companies that had predefined business continuity management (BCM) processes in place found and contained breaches more quickly, discovering breaches 52 days earlier and containing them 36 days faster than companies without BCM.