2021 Cost of a Data Breach Report in ASEAN countries

    TechnologyCybersecurity2021 Cost of a Data Breach Report in ASEAN countries

    Now in its 17th year, the Cost of a Data Breach Report is more relevant than ever in securing data privacy and cybersecurity, as it offers a deeper understanding of these kinds of security risks by issuing key findings, impacts, and recommendations for different countries, organizations, and industries.

    The global study — which was conducted by Ponemon Institute and published by IBM — is based on an in-depth analysis of real-world data breaches experienced by over 500 organizations including 25 organizations in ASEAN countries (countries in the study include Singapore, Indonesia, Philippines, Malaysia, Thailand, and Vietnam).

    Globally, the study suggests that security incidents became more costly and harder to contain due to drastic operational shifts during the pandemic, but in ASEAN, costs were declining at around 6% compared to the prior year. Although there is a decline in security incident costs, the average cost of a breach is still higher for organizations that had not undergone digital transformation (due to COVID-19) in the ASEAN countries mentioned above. The cost of a breach was USD 430,000 higher than average. On the other hand, compromised user credentials were the most common attack method used as an entry point by attackers, representing more than 20% of breaches studied in ASEAN.

    Cost of Data Breach

    Here are some more key findings of the Cost of a Data Breach Report in the ASEAN countries:

    • Data breaches now cost companies in ASEAN USD 2.64 million (SGD 3.61 million as stated on the table) per incident on average, which is lower than the global average of USD 4.24 million
    The Table was measured using Singaporean Dollar as currency: S$3.18 million in 2017, S$3.29 million in 2018, S$3.58 million in 2019, S$3.85 million in 2020, and S$3.61 million in 2021.
    • In ASEAN, data breaches in financial affairs were most expensive by industry (USD 231 million), followed by transportation (USD 178 million) and technology (USD 172 million).
    The Table was measured using Singaporean Dollar as currency: SGD316 million in financial, SGD244 million in Transportation, and SGD236 million in Technology.
    • Organizations in ASEAN that had not deployed/not started zero trust approach had an average data breach cost of USD2.29 million (SGD4.15 as on the table below) compared to those that had zero trust (depending on the level of maturity) was USD0.75 million lower.
    The total cost of data breach to those who haven’t started zero trust deployment was SGD4.15 million while those who started/deployed zero state deployment had total costs of SGD3.13 million in the early stage, SGD3.56 million in the middle stage, and SGD3.13 million in the mature stage.
    • The average time to detect and contain a data breach was 307 days (223 to detect, 84 to contain) – which is 20 days longer than the prior year report for ASEAN.
    On average, the days of identifying a data breach are 223 days while the days of containing are 84 days.
    • The average records breached were 19,802, and the average per record cost of data breach over 5 years is more than USD140 million per capita cost (SGD192 million per capita cost) in ASEAN.
    The Table was measured using Singaporean Dollar as currency: SGD156 million in 2017, SGD167 million in 2018, SGD176 million in 2019, SGD201 million in 2020, and SGD192 million in 2021.
    • Comparing three levels of deployment, 29% of respondents had fully deployed security automation vs. 37% partially deployed and 34% not deployed in ASEAN this 2021.
    The table on State of security automation is as follows: 34% not deployed, 37% partially deployed, and 29% fully deployed.
    • In ASEAN, a data breach lifecycle of less than 200 days produced a cost savings of nearly a third over a breach lifecycle longer than 200 days. A breach with a lifecycle over 200 days costs an average of USD 3.09 million (SGD 4.22 million) in 2021 vs. USD 2.19 million (SGD 2.99 million) for a breach with a lifecycle of less than 200 days. The gap of USD 0.9 million represents a difference of 29.1%.
    The Table was measured using Singaporean Dollar as currency: a total of SGD2.99 million in less than 200 days of breach lifecycle and SGD4.22 million in more than 200 days of breach lifecycle.

    Related Posts