Close this search box.

What the IBM Cost of a Data Breach Report means for you

Table of Contents

[fusion_builder_container type=”flex” hundred_percent=”no” equal_height_columns=”no” menu_anchor=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” class=”” id=”” background_color=”” background_image=”” background_position=”center center” background_repeat=”no-repeat” fade=”no” background_parallax=”none” parallax_speed=”0.3″ video_mp4=”” video_webm=”” video_ogv=”” video_url=”” video_aspect_ratio=”16:9″ video_loop=”yes” video_mute=”yes” overlay_color=”” video_preview_image=”” border_color=”” border_style=”solid” padding_top=”” padding_bottom=”” padding_left=”” padding_right=””][fusion_builder_row][fusion_builder_column type=”1_1″ layout=”1_1″ background_position=”left top” background_color=”” border_color=”” border_style=”solid” border_position=”all” spacing=”yes” background_image=”” background_repeat=”no-repeat” padding_top=”” padding_right=”” padding_bottom=”” padding_left=”” margin_top=”0px” margin_bottom=”0px” class=”” id=”” animation_type=”” animation_speed=”0.3″ animation_direction=”left” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” center_content=”no” last=”true” min_height=”” hover_type=”none” link=”” border_sizes_top=”” border_sizes_bottom=”” border_sizes_left=”” border_sizes_right=”” first=”true”][fusion_text columns=”” column_min_width=”” column_spacing=”” rule_style=”” rule_size=”” rule_color=”” hue=”” saturation=”” lightness=”” alpha=”” content_alignment_medium=”” content_alignment_small=”” content_alignment=”” hide_on_mobile=”small-visibility,medium-visibility,large-visibility” sticky_display=”normal,sticky” class=”” id=”” margin_top=”” margin_right=”” margin_bottom=”” margin_left=”” fusion_font_family_text_font=”” fusion_font_variant_text_font=”” font_size=”” line_height=”” letter_spacing=”” text_transform=”none” text_color=”” animation_type=”” animation_direction=”left” animation_speed=”0.3″ animation_offset=””]

The average total cost of a data breach now exceeds £3m, according to the latest Cost of a Data Breach Report. The annual report, published by IBM in conjunction with research provided by the Ponemon Institute, highlights an increased risk to small businesses and a severe need for IT awareness training.

Cost of a Data Breach: Key Findings


Average total cost of a data breach


Costs mitigated as a result of a Business Continuity & Disaster Recovery Plan


Lost business is the biggest contributor to the cost of a data breach

£157 (enterprise) V £2,724 (SME)

The cost/head of a data breach for a large business and a SME


Malicious attacks are the most common cause of a data breach


The likelihood of suffering a data breach in 2019

279 Days

Average time to identify and contain a data breach

What does this mean for you?

The immediate takeaway from the report is that there is almost a 1 in 3 chance of suffering a data breach in 2019, and that the overall average cost (per incident) is over £3m.

The total cost of a data breach is determined by four key cost components:

Detection & escalation; Notification; Post data breach response; and Lost business.
Your ability to meet these criteria defines how costly a data breach would be for your business.

Detection and Escalation.
Activities that enable a business to detect and report a breach to appropriate personnel within a specified time period.

Activities that enable the business to notify individuals that their data has been compromised, including the meeting of regulatory requirements and engaging external advice if necessary.

Post data breach response
Processes set up to assist individuals or businesses affected by the breach, including increased inbound communications, reparations to victims and regulators, and associated legal expenditures.

Lost business
The cost associated with business disruption and revenue losses as a result of downtime, loss of both existing and new customers, and the diminishing of reputation.

However, the costs from a data breach can continue long into the future. Especially with the introduction of GDPR. This regulation holds data controllers (any businesses that hold personal data) responsible for the secure and responsible storage of personal data.

And the penalties aren’t small, as Google found out earlier this year. Fines can be issued of up to €20,000,000 or 4% of global annual turnover (whichever is greater). But you also have to consider the impact of a data breach on your business’s reputation.

GDPR penalties aside, people need to know that their data is secure, and if it isn’t? You’re probably going to be overlooked for a competitor.

Next Steps:
How to Mitigate Against a Data Breach

So, with all of this in mind, how do you prevent a data breach?

The short version is that you need a robust cyber security plan that includes regular testing and in-depth IT awareness training.

Why? Let’s look at the key factors involved in a breach:
Firstly, 51% of data breaches come as a result of a sophisticated malware attack. This could breach your business through a variety of forms, including network-borne attacks or malicious phishing emails.

With this in mind, you need to ensure that your network security is up to scratch, and if you’re not sure, bring in an IT consultant to analyse your existing setup.

System glitches (25%) and human error (24%) make up the remaining numbers when it comes to the root cause of a data breach. Both of these scenarios can be prevented with the delivering of robust IT awareness training.

System glitches can happen, but they’re far less likely if your business has a healthy IT culture. This includes regular patching of software and devices, and regular testing of cyber security solutions to ensure they are working as intended.

Human error, a prominent feature in the more costly phishing scams, often comes down to a lack of IT awareness or education. If staff are unaware of what to look out for, they cannot be vigilant for potentially malicious content. IT awareness training can therefore instil best practices and give your team the ability to act with confidence online.

How Business Continuity Planning Can Help

So, you’ve put your cyber security measures in place and your staff are drilled in all the best practices. You’re fully secured against a data breach, right?

Not quite.

Sometimes accidents just happen, and you can’t always account for these circumstances.

What your business must have, regardless of size, is a fully comprehensive Business Continuity & Disaster Recovery (BCDR) Plan. Whilst this cannot change the fact that data has been breached, a response plan enables you to deal with the fallout more efficiently.

For example, if you suffer downtime as a result of the data breach, what is your plan to get your business systems back up and running? Without access to your CRM, how are you going to meet your regulatory requirements by contacting your customers to inform them of the data breach?
The longer the downtime, the more revenue lost – and this includes new business, as well as your existing customers. In fact, at 36% of the total, lost business is the largest contributor to the cost of a data breach.

Companies with business continuity management in place were able to reduce their overall cost by £216,000. Whereas incident response planning saved as much as £925,000, according to IBM’s latest report.

This can be the difference between survival and failure, so if you’re yet to deploy a BCDR plan, it’s highly recommended that you start now.

To speak to Neuways about the topics addressed in this report, email us at
or call us on 01283 753 333.


Want to keep up with our blog?

Get our most valuable tips right inside your inbox, once per month!

Latest IT News & Insights
Microsoft Dynamics 365 Business Central Main Product Mockup Showcase ERP
Why Business Central enhances and streamlines solutions
See how Microsoft Dynamics 365 Business Central enhances business solutions and streamlines the processes...
Read More
Neuways artificial intelligence
Artificial Intelligence: The Good, The Bad & The Ugly
AI is the Marmite of the IT world. Love it or hate it, the reality is it filters into our everyday lives...
Read More
Choose Neuways for your IT Support, Cyber Security and Business Central needs.
Cyber Security Acronyms Part 1: Neuways
We are helping clients to understand cyber security. We're making it easy for you, as we are jargon busting...
Read More
Password Manager and Security with neuways
Password Managers just became an even more important tool for Employees
The Government has brought in a ban on employees and manufacturers using default passwords.
Read More
Dark Web monitoring
What is the Dark Web?
Dark Web Monitoring identifies whether any of your company data (including login credentials and confidential...
Read More
Password Manager and Security with neuways
Password Security
Business Password Manager Tool Protect your remote workforce with Password Manager Tool, the business...
Read More
WatchGuard WiFi Security
WatchGuard User Services Platform – Simple, Secure and Intelligent WiFi
Why do Neuways partner with WatchGuard? Find out below to see how we improve the cyber security of your...
Read More
Endpoint Security
Endpoint Security
Protect your business with the best in Endpoint Security – How Neuways can help you Protect Your...
Read More

Frequently Asked Questions

Managed IT support is a comprehensive solution where an expert IT provider, like Neuways, handles your technology infrastructure. This includes proactive monitoring, maintenance, cyber security, and support.

Contact us

Support: 01283 753300

Business Development: 01283 753333

Purchasing: 01283 753322

Admin and Accounts: 01283 753311


Yes we do. Your business needs Cyber Security due to the increasing number of cyber threats that are affecting businesses in all industries. If your business has data and technology systems implemented, you will need Managed Cyber Security.

Yes we can. We have our own dedicated Microsoft Dynamics 365 Business Central teams who work to ensure that we can implement the right systems and solutions into your website that are absolute right for you. 

Got a question?

Reach out
& Connect

Please enable JavaScript in your browser to complete this form.