|24 July, 2018

Average cost of a data breach in the Middle East stands at $5.31mln: 2018 IBM Study

Study reveals that the major cause of breaches in the region is malicious or criminal attacks

DUBAI, UNITED ARAB EMIRATES – IBM (NYSE: IBM) Security today announced the results of a Middle East study examining the full financial impact of a data breach on businesses located in the Kingdom of Saudi Arabia (KSA) and the United Arab Emirates (UAE). Overall, the study found that the average total cost of a data breach in KSA and UAE combined is $5.31 million, a 7.1% increase since 2017.

Sponsored by IBM Security and conducted by Ponemon Institute, the study was conducted in 13 countries and 2 regions: ASEAN (Association of Southeast Asian Nations), Australia, Brazil, Canada, France, Germany, India, Italy, Japan, South Africa, South Korea, the Middle East (KSA and UAE combined), Turkey, United Kingdom and United States. In KSA and UAE, the study found that breaches cost companies $163 per lost or stolen record on average. It also revealed that the root cause for 61% of breaches in KSA and UAE is malicious or criminal attacks, followed by system glitches at 21% and human error at 18%.

"We are living in an age of exponential change with more data, connected devices and computing power than ever before. While this offers businesses tremendous opportunities, it also creates more ways for potential data breaches within an organization," said Dr. Tamer Aboualy, CTO of Security Services, IBM Middle East & Africa. "The 2018 report reveals that the major cause of a data breach is malicious or criminal attacks for organizations in KSA and UAE. The potential damage from cyberattacks extends beyond the obvious issue of businesses and consumers losing money. It can dramatically impact a company’s reputation, damaging the trust and loyalty of its customers, business partners, investors, and others."

What Impacts the Average Cost of a Data Breach?

For the past 13 years, the Ponemon Institute has examined the cost associated with data breaches of less than 100,000 records, finding that the costs have steadily risen globally over the course of the study.

The study also examines factors which increase or decrease the cost of the breach, finding that costs are heavily impacted by the amount of time spent containing a data breach, as well as investments in technologies that speed response time.

  • In KSA and UAE, the average time to identify a data breach in the study was 260 days, and the average time to contain a data breach once identified was 91 days.
  • Companies that contained a breach in less than 30 days saved over $1 million compared to those that took more than 30 days ($3.09 million vs. $4.25 million average total)

Additional Key Findings from the 2018 Cost of a Data Breach Study

  • By Industry, Financial Services, Services and Technology Breaches Most Costly: In KSA and UAE, financial services, services and technology have topped the list as the most expensive industries for data breaches, costing organizations $219, $201 and $188 per record, respectively.
  • One major factor impacting the cost of a data breach in KSA and UAE was the reported cost of lost business, which was $2.2 million.

“The goal of our research is to demonstrate the value of good data protection practices, and the factors that make a tangible difference in what a company pays to resolve a data breach,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “While data breach costs have been rising steadily over the history of the study, we see positive signs of cost savings through the use of newer technologies as well as proper planning for incident response, which can significantly reduce these costs.”

Download Full Reports & Register for the Webinar

To download the 2018 Cost of a Data Breach Study: Global Overview, visit

https://www.ibm.com/security/data-breach/

To view the digital infographic with study highlights, visit: https://costofadatabreach.mybluemix.net

To register to attend the IBM Security and Ponemon Institute webinar on July 26th at 11am ET, visit: https://ibm.biz/BdYDvf

About IBM Security

IBM Security offers one of the most advanced and integrated portfolios of enterprise security products and services. The portfolio, supported by world-renowned IBM X-Force® research, enables organizations to effectively manage risk and defend against emerging threats. IBM operates one of the world's broadest security research, development and delivery organizations, monitors 35 billion security events per day in more than 130 countries, and has been granted more than 8,000 security patents worldwide. For more information, please check www.ibm.com/security, follow IBMSecurity on Twitter or visit the IBM Security Intelligence blog.

*Note to editor: $ 1 = SAR 3.75

© Press Release 2018

Disclaimer: The contents of this press release was provided from an external third party provider. This website is not responsible for, and does not control, such external content. This content is provided on an “as is” and “as available” basis and has not been edited in any way. Neither this website nor our affiliates guarantee the accuracy of or endorse the views or opinions expressed in this press release.

The press release is provided for informational purposes only. The content does not provide tax, legal or investment advice or opinion regarding the suitability, value or profitability of any particular security, portfolio or investment strategy. Neither this website nor our affiliates shall be liable for any errors or inaccuracies in the content, or for any actions taken by you in reliance thereon. You expressly agree that your use of the information within this article is at your sole risk.

To the fullest extent permitted by applicable law, this website, its parent company, its subsidiaries, its affiliates and the respective shareholders, directors, officers, employees, agents, advertisers, content providers and licensors will not be liable (jointly or severally) to you for any direct, indirect, consequential, special, incidental, punitive or exemplary damages, including without limitation, lost profits, lost savings and lost revenues, whether in negligence, tort, contract or any other theory of liability, even if the parties have been advised of the possibility or could have foreseen any such damages.

More From Press Releases