Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Middle East witnesses higher cost per data breach than global average

Image Description

The average cost per data breach incident in the Middle East is higher than the global average and it is the second-highest after the US, according to a new study.

Sponsored by IBM Security and conducted by the Ponemon Institute in 17 countries between August 2019 and April 2020, the 2020 Cost of a Data Breach Report states that the average cost per data breach in the US stands at $8.64m, followed by the Middle East at $6.52m and Canada at $4.50m.

In 2019, the average cost was $5.97m in the Middle East.

A breach is defined as an event in which an individual’s name and a medical record and/or a financial record or debit card is potentially put at risk — either in electronic or paper format.

The global average cost per breach is $3.86m.

In contrast, Latin American and Brazilian organisations had the lowest average total cost at $1.68m and $1.12m, respectively.

In Saudi Arabia and the UAE, breaches cost companies $188 per lost or stolen record on average, which represents an increase of 8.5% from 2019 while the cost of a data breaches in these two countries has risen by 9.4% over the past year.

(Image credit: IBM)

Root cause: Malicious attacks

In the Middle East, malicious attacks were the root cause for 59% of the data breaches while system glitches at 24% and human errors at 17%.

In the Middle East, 23% of the organisations have fully deployed security automation while 40% have partially deployed security automation and 37% haven’t deployed security automation at all.

In the study, the average time to identify a breach was 207 days and the average time to contain was 73 days, for a combined 280 days.

In 2019 the average time to identify was 206 days and the average time to contain was 73 days, for a combined 279 days.

In the Middle East, the average time to identify a breach in 2020 was 269 days and the average time to contain was 100 days, for a combined 369 days compared to 381 days in 2019.

The Middle East comes second, after Brazil (380 days), to identify and contain a data breach and healthcare were found to incur the highest per-record cost of a data breach, followed by financial services and then technology.

Date

05 Aug 2020

Sources


Share


Other Blog

  • GPU company Imagination Technologies to teach students how to design a CPU

    Imagination announces its first RISC-V course for students.

    Read More
  • High-severity WordPress plugin bug puts thousands of websites at risk

    Researchers have disclosed a severe security vulnerability affecting a WordPress plugin installed across more than 20,000 websites.

    According to a blog post from security firm Wordfence, the bug is present in older versions of the Access Demo Importer plugin, which lets WordPress users import demo content, widgets, theme options and other settings to their sites.

    If exploited, the vulnerability could reportedly allow attackers with subscriber-level access to upload arbitrary files that set the stage for remote code execution. Wordfence says that sites with open registration could be particularly vulnerable to this exploit.

    The vulnerability has been assigned a severity score of 8.8/10 as per the Common Vulnerability Scoring System (CVSS).

    WordPress plugin vulnerability

    The Access Demo Importer vulnerability is said to originate in a feature that allows users to install plugins hosted outside of the official WordPress repository.

    “Unfortunately, this function had no capability check, nor any nonce checks, which made it possible for authenticated users with minimal permissions, like subscribers,  to install a zip file as a ‘plugin’ from an external source,” explained Wordfence.

    “This ‘plugin’ zip file could contain malicious PHP files, including webshells, that could be used to achieve remote code execution and ultimately completely take over a site.”

    The vulnerability was first identified by Wordfence in early August. After a series of failed attempts to get in contact with the vendor, the security firm escalated the issue to the WordPress.org team and the plugin was pulled down to allow the developers to put together a patch. A partial fix was rolled out in early September, followed by a comprehensive patch on September 21.

    To shield against attack, WordPress users are advised to update to the latest version of the Access Demo Importer plugin (version 1.0.7) immediately.

    Read More
  • Check out what an iPad Air-inspired iMac M1 could look like

    Apple’s rumored shrunk-down version of the Mac Pro has also been reproduced in concept renders.

    Read More
  • Compare NBN plans: best-value options from Telstra, TPG, Optus and more

    Deciding on the best NBN plan for you can be tricky, but we've got your back.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us