Monday 24 October 2016

Average cost of 'one' breached PHI data hard drive!!


In the recent past, hackers used common devices such as webcams, baby monitors and video recorders, infected with software known as Mirai, to attack the websites of giant institutions like Twitter, PayPal and Netflix. Even websites with massive infrastructure powered by Dyn could not escape the threat of a DDoS attack on its Domain Name System. Users could not reach many websites, including CNN, Wall Street Journal and Amazon.com, TOI reported on 23rd October.

Can anyone guess the impact of breached data in monetary terms, i.e. the average cost of ONE breached PHI (Protected Health Information) hard drive?

Although the cost of breached data cannot be estimated, according to an article based on a Ponemon study sponsored by IBM, the cost of one breached record is to the tune of 220 USD. There are about 29000 records in a hard disk. The cost: 7 million dollars!

The EMC Global Data Protection Index shows that the average cost of INDUSTRY DATA LOSS in 2015 was to the tune of 9,14,000 dollars for 2.36 terabytes.

According to financial filings (March 3, 2016, HIPAA Journal), the cost of the Excellus BlueCross BlueShield data breach has reached 17.3 million dollars.

Monday 17 October 2016

Cyber Security Review: 2016

Cybersecurity incites a level of fear that seems appropriate, given all that's at stake. These are boom times for cyberthreats, cyberattacks and cybercrime. More and more sophisticated attacks are being launched. Every minute, the world sees about half a million attack attempts. Defending against them doesn't mean striving for perfection, but rather ensuring that the most critical assets and information are secured, the maximum possible risks are remediated, and residual risks are brought down to minimal acceptable levels.

In this post, we shall run through the cyber security stats for the year 2016 to help you gain insight into the attack trends:


10% - of the compromises were due to malicious file upload vulnerabilities, whereas 7% were due to malicious insiders.

23% - of the total compromises targeted organizations from the retail industry.

40% - increase in compromises affecting corporate and internal networks in 2015.

31% - of the attacks had attackers targeting card track data.

29% - of the attacks had attackers targeting card data from e-commerce transactions.

47% - of the attacks through POS malware were observed in the North American region.

79% - of the attacks were self-detected by the Latin Americans. However, 59% of the customer's attacks were detected by law enforcement and regulatory bodies.

168 - days are required on average to detect an intrusion, and intrusions were contained in approximately 15 days.

28 - days were needed on average to contain an external intrusion after detection.

The more days an attacker spends within the network, the more damage he would do and the more time it would take to recover from the damage caused.