Data breaches now blow a million-dollar hole in India Inc’s pocket.
In 2017, the average cost of a data breach in the country rose nearly 8% year-on-year to Rs11.9 crore ($1.7 million), according to a study conducted by IBM Security and Ponemon Institute, an American research firm.
The study covered nearly 500 global companies that experienced such theft. It analysed the cost of stolen records, customer defections, and opportunity loss. It also took into consideration the expenses on detection, notification, response, legal action, investigation, administrative action, reputation management, and customer support, among others.
Financial sector firms lost the most, followed by the services and industrial sectors, the study found. The cost impact was the least on companies in the public sector.
The number of incidents of data theft and cyber attacks, too, has been on the rise in India. Between April 2017 and January 2018, over 22,000 Indian websites, including 114 government portals, were hacked, according to government data. One such incident was reported in May when the personal data of millions of Indians registered with the Employees’ Provident Fund Organisation was allegedly leaked.
Indian companies are struggling to cope with such risks. They are taking a lot longer to identify and contain these data breaches, according to the IBM study.
In 2017, the mean time to identify a data breach increased to 188 days in the country from 170 days in 2016. The time taken to contain them, too, has increased from 72 to 78 days, the study says.
Yet, companies lag when it comes to taking preventive steps.
They are still struggling to step up security, mostly due to a shortage of experts, while Indians in general remain careless with their personal information.