Cost of data breaches in KSA & UAE rises to over $5m says IBM study

Cost of data breaches in KSA & UAE rises to over $5m says IBM study

IBM Security has announced the results of a Middle East study examining the full financial impact of a data breach on businesses located in the Kingdom of Saudi Arabia (KSA) and the United Arab Emirates (UAE). Overall, the study found that the average total cost of a data breach in KSA and UAE combined is $5.31 million, a 7.1% increase since 2017.

Sponsored by IBM Security and conducted by Ponemon Institute, the study was conducted in 13 countries and 2 regions: ASEAN (Association of Southeast Asian Nations), Australia, Brazil, Canada, France, Germany, India, Italy, Japan, South Africa, South Korea, the Middle East (KSA and UAE combined), Turkey, United Kingdom and United States. In KSA and UAE, the study found that breaches cost companies $163 per lost or stolen record on average. It also revealed that the root cause for 61% of breaches in KSA and UAE is malicious or criminal attacks, followed by system glitches at 21% and human error at 18%.

“We are living in an age of exponential change with more data, connected devices and computing power than ever before. While this offers businesses tremendous opportunities, it also creates more ways for potential data breaches within an organization,” said Dr. Tamer Aboualy, CTO of Security Services, IBM Middle East & Africa.

“The 2018 report reveals that the major cause of a data breach is malicious or criminal attacks for organizations in KSA and UAE. The potential damage from cyberattacks extends beyond the obvious issue of businesses and consumers losing money. It can dramatically impact a company’s reputation, damaging the trust and loyalty of its customers, business partners, investors, and others.”

What impacts the average cost of a data breach?

For the past 13 years, the Ponemon Institute has examined the cost associated with data breaches of less than 100,000 records, finding that the costs have steadily risen globally over the course of the study.

The study also examines factors which increase or decrease the cost of the breach, finding that costs are heavily impacted by the amount of time spent containing a data breach, as well as investments in technologies that speed response time.

In KSA and UAE, the average time to identify a data breach in the study was 260 days, and the average time to contain a data breach once identified was 91 days.

Companies that contained a breach in less than 30 days saved over $1 million compared to those that took more than 30 days ($3.09 million vs. $4.25 million average total) Additional Key Findings from the 2018 Cost of a Data Breach Study By Industry, Financial Services, Services and Technology Breaches Most Costly:

In KSA and UAE, financial services, services and technology have topped the list as the most expensive industries for data breaches, costing organizations $219, $201 and $188 per record, respectively. One major factor impacting the cost of a data breach in KSA and UAE was the reported cost of lost business, which was $2.2 million.

“The goal of our research is to demonstrate the value of good data protection practices, and the factors that make a tangible difference in what a company pays to resolve a data breach,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “While data breach costs have been rising steadily over the history of the study, we see positive signs of cost savings through the use of newer technologies as well as proper planning for incident response, which can significantly reduce these costs.”

To download the 2018 Cost of a Data Breach Study: Global Overview visit: