Data Breach Costs Are at Record Highs, and Most Are Caused by Stolen Login Credentials

Data Breach Costs Are at Record Highs, and Most Are Caused by Stolen Login Credentials

A new report from the Ponemon Institute, commissioned by IBM Security, reveals that the COVID-19 pandemic pushed data breach costs to record highs, and consistent with other studies, most breaches involve compromised login credentials.

According to “Cost of a Data Breach 2021,” organizations can expect to shell out an average of $4.24 million per incident, a 10% increase from last year, and the highest in the 17 years that IBM has been compiling the report. For the 11th year in a row, the healthcare industry has the highest average data breach cost, at $9.23 million per incident, a nearly 30% increase from last year.

While public sector breaches tend to cost much less than average, at “only” $1.93 million, this sector saw a whopping 78.7% increase in average total cost from 2020.

Ransomware attacks cost even more than data breaches, with the average incident totaling $4.62 million — and this doesn’t include the cost of paying the ransom, as nearly half of U.S. organizations do.

Remote Work Pushes Data Breach Costs Higher

The COVID-19 pandemic forced organizations to adopt remote work suddenly, without warning, and on a large scale, often to the detriment of cybersecurity. The IBM report reflects this, stating that breaches where remote work was a factor cost over $1 million more than average. Additionally, organizations where more than half of the workforce was working remotely took an average of 58 days longer to identify and contain breaches.

Stolen Login Credentials Cause the Most Breaches

Consistent with other studies, the report found that compromised login credentials caused the most breaches. Additionally, data breaches caused by compromised credentials have the longest “dwell time,” which measures the period between when a cybercriminal breaches a system and when security personnel detect them.

If a cybercriminal uses stolen credentials to breach a network, they’ll remain undetected for an average of 250 days, compared to 212 for breaches caused by other means. The longer-than-average dwell time makes sense in light of the fact that stolen credentials enable cybercriminals to bypass firewalls, antivirus software, intrusion detection systems (IDS), and other technical defenses.

Keeper Stops Data Breaches at the Source

With data breach costs rising, and stolen login credentials the number-one threat vector, it’s more important than ever for organizations to ensure that their employees are following good password security practices, such as using strong, unique passwords for every account, enabling multi-factor authentication (2FA) wherever it’s supported, and using a password management platform like Keeper.

Keeper’s zero-knowledge, enterprise-grade password security and encryption platform gives IT administrators complete visibility into employee password practices, enabling them to monitor adoption of password requirements and enforce password security policies organization-wide. Keeper takes only minutes to deploy, requires minimal ongoing management, and scales to meet the needs of any size organization.

For enhanced protection, organizations can deploy valuable add-ons such as Keeper Secure File Storage, which enables employees to securely store and share documents, images, videos, and even digital certificates and SSH keys, and BreachWatch™, which scans Dark Web forums and notifies IT administrators if any employee passwords have been compromised in a public data breach.

Not a Keeper customer yet? Sign up for a 14-day free trial now! Want to find out more about how Keeper can help your organization prevent security breaches? Reach out to our team today.