South African Companies Lose About $2.3 Million to Data Breaches Says IBM

More studies are emerging to capture the depth of loss attributed to data breaches to both organisations and individuals across Africa. Last week, a global report by a British data security firm highlighted that Nigeria is second only to India in data breaches from a survey warning that many organisations in Africa are not paying detailed attention to issues regarding data breaches as they should which is a major threat to investment in the region. As if to confirm the earlier report, a new study by IBM Security shows that security breaches can cost South African companies an average of $2.3 million, about R40 million.

Sheldon Hand, IBM Security Leader for South Africa
Sheldon Hand, IBM Security Leader for South Africa

Based on in-depth analysis of data breaches experienced by South African organisations, the study found that malicious attacks on customer, employee and corporate data were most prevalent – accounting for 48% of incidents – and proving to be the costliest cause of breaches to businesses.

As companies are increasingly accessing sensitive data via new remote work and cloud-based business operations, the report sheds light on the financial losses that organisations can suffer if this data is compromised.

Read also : https://afrikanheroes.com/2020/07/26/bolt-disrupts-ride-hailing-with-new-low-cost-service-in-south-africa/

Examining cost factors which contribute to the cost of the data breach in South Africa, the study found that for companies studied in South Africa, the average time to identify a data breach increased to 177 days (from 175 days in 2019), and the average time to contain a data breach once identified decreased to 51 days (from 56 days in 2019). The global average to identify a data breach was higher at 207 days with an average time of 73 days to contain the breach.

It also established that in South Africa, the three root causes of data breaches identified as malicious or criminal attack (48%), human error (26%) and system glitches (26%). Adding that in average, malicious or criminal attacks took 191 days to identify and 62 days to contain. Human error breaches took 164 days to identify and 40 days to contain while system glitch breaches took 163 days to identify and 44 to contain.

Read also : https://afrikanheroes.com/2020/06/12/200-nigerian-startups-selected-for-forbes-nigerias-first-digital-startup-accelerator/

Also, it notes that the amount of lost or stolen records also impacts the cost of a breach, costing R1,984 per lost or stolen record on average – a 9.35% decrease from 2019. While investments in smart tech resulted in lower breach costs as companies who had fully deployed security automation technologies (which leverage AI, analytics and automated orchestration to identify and respond to security events) experienced lower data breach costs compared to those who didn’t have these tools deployed.

Read also:https://afrikanheroes.com/2020/07/05/the-greatest-cybersecurity-threat-of-all/

“It is becoming increasingly important for IT leaders to put security measures in place which reduce the impact of a data breach,” says said Sheldon Hand, IBM Security Leader for South Africa. Adding that “with this year’s study, we’re seeing how costs were much higher for South African organisations that had not yet invested in areas such as security automation and incident response processes – and how complex security systems and cloud migration cost companies the most. With growing complexities facing companies, putting measures in place which significantly reduce the time it takes to investigate, isolate, contain and respond to the damage, will significantly reduce financial and brand impact.”

Kelechi Deca

Kelechi Deca has over two decades of media experience, he has traveled to over 77 countries reporting on multilateral development institutions, international business, trade, travels, culture, and diplomacy. He is also a petrol head with in-depth knowledge of automobiles and the auto industry