"Healthcare Data Breaches Cost an Average of $10.1M, More than Any Other Industry"

A data breach in the healthcare industry costs the most, on average, $10.1 million. According to the annual IBM Cost of a Data Breach Report, the industry has faced the highest average cost of a breach over the last 12 years. In comparison, the average cost of a breach in the US is $9.44 million. The report is based on a study of 550 organizations impacted by data breaches between March 2021 and March 2022, as well as 3,600 interviews with individuals from affected organizations, to determine the cost and greatest impact of data breaches. Healthcare spending increased by nearly $1 million, or 9.4 percent, likely due to healthcare's highly regulated nature. However, the report also revealed that breaches cost more for organizations that do not have zero-trust policies. Healthcare's struggles with zero trust strategy adoption, like those of other critical infrastructure organizations, may explain the high expenditures. Notably, breaches in the related pharmaceutical industry were the third-most expensive, costing an average of $5.01 million, a slight decrease from the previous year. Furthermore, entities that experience incidents in highly regulated industries such as healthcare and pharmaceutical frequently see their initial cost estimates increase in the years following the breach. The report claims that the difference between low and high regulatory environments became apparent two years or more after the data breach. In those industries, an average of 24 percent of breach costs were incurred two years after the incident. Regulatory and legal costs are likely contributors to these increases. Cost accruals amounted to only an 8 percent increase in industries with a lower regulatory threshold. This article continues to discuss key findings from IBM's Cost of a Data Breach Report. 

SC Media reports "Healthcare Data Breaches Cost an Average of $10.1M, More than Any Other Industry"