But this hasn’t discouraged cybercriminals. Instead, dark web sites have begun resorting to traditional
            marketing tactics like two-for-one discounts on stolen data, creating a bulk sales mentality that places an
            even greater imperative on cybercrime cartels to amass large quantities of data.

            This makes it even more likely that your  data will be stolen, because even if your organisation isn’t
            specifically targeted, you could be caught up in an increasingly common smash-and-grab raid – like the
            attack on Microsoft that exposed around a quarter of a million email systems last year.

            And while the value of each piece of data on the dark web is decreasing for cybercriminals, cyber attacks
            are just getting costlier for the businesses the data is stolen from.



            How much is your data worth to your business?


            Not sure how much your data is worth? The exact answer is impossible to quantify definitively, as it will
            change from one business and one piece of data to another, but it’s clear that having your data stolen
            can have devastating consequences.

            According to the Cost of a Data Breach Report 2021 from IBM and Ponemon, which studied the impacts
            of 537 real breaches across 17 countries and regions, the per-record cost to a business of a data breach
            sits at US$161 per record on average – a 10.3 per cent increase from 2020 to 2021.

            For a personally identifiable piece of customer data, the cost goes up to US$180 per record. Not only is
            this the costliest type of record, it’s also the most commonly compromised, appearing in 44 per cent of
            all breaches in the study.


            For a personally identifiable piece of employee data, the cost sits at US$176 per record. Intellectual
            property costs US$169 per record, while anonymised customer data will set you back US$157 per record.

            But it’s extremely unlikely that a cybercriminal would go to the effort of hacking your business for one
            piece of data. In that sense, it’s more instructive to look at the average cost of a data breach in total –
            which currently sits at a staggering US$4.24M.

            For ransomware breaches, in which cybercriminals encrypt files on a device and demand a ransom in
            exchange for their encryption, the average cost goes up to US$4.62M, while data breaches caused by
            business email compromise have an average cost of US$5.01M.

            Breaches are costliest in the heavily regulated healthcare industry (US$9.23M) – a logical outcome, given
            the  heightened  sensitivity  of  medical  records.  By  comparison,  the  ‘cheapest’  breaches  are  in  less
            regulated industries such as hospitality (US$3.03M).

            Mega breaches involving at least 50 million records were excluded from the study to avoid blowing up
            the average, but a separate section of the report noted that these types of attacks cost 100 times more
            than the average breach.

            The report found the average breach takes 287 days to identify and contain, with the cost increasing the
            longer the breach remains unidentified. So when it comes to cybercrime, time really is money.






                                                                                                            144