New Data Breach Study Highlights Risks of Remote Work

October 03, 2022

Happy Cybersecurity Awareness Month! A recent study by the Ponemon Institute points to growing risks associated with remote work, leading to costly breaches for many companies. Here’s how to protect your business.

The average cost of a data breach has risen sharply during the pandemic, according to the latest global data breach survey of IT professionals by the Ponemon Institute. Here’s a deep dive into the statistics and what they mean for your organization.

What’s Happening?

Every year, the Ponemon Institute, an organization that advances information and privacy management, publishes a Cost of Data Breach Report, which offers insights from real breaches to help businesses understand cyber risk. Ponemon’s latest survey found that the average breach cost roughly $4.35 million in 2022, compared to $3.86 million in 2020, an increase of about 13%.

Note that the period covered in each survey ends in March of that year. For example, the 2022 study covers breaches that happened between March 2021 and March 2022. So, the end of the period covered by the 2020 study happens to coincide with the start of the pandemic. It’s also important to recall that the average cost of a breach fell slightly from $3.92 million in 2019 to $3.86 million in 2020.

What could have happened to make the downward trend reverse? Several factors could be at play here. But a key reason for the uptick in average cost is the prevalence of remote working arrangements that began in March 2020.

Findings from the 2022 survey showed a strong correlation between remote working and the cost of a data breach. The survey found that the cost of a data breach was about $5.1 million for organizations where 81% to 100% of employees worked remotely, compared to $3.99 million for organizations where less than 20% of employees worked remotely.
In other words, the average cost of a data breach was $1.11 million (24%) higher when remote work was a factor.

That isn’t to say that employers should put an end to all remote working arrangements. In fact, they offer several upsides, including helping workers achieve a better work-life balance and lowering facilities costs. But a critical takeaway from Ponemon’s survey is that cybersecurity should be a top priority when you allow remote working arrangements.

How Can You Fortify Your Defenses?

When implementing a work-from-home policy, there isn’t a one-size-fits-all approach. These arrangements might not be appropriate for all positions over the long run, and some jobs may be better suited for a hybrid model that requires a certain amount of face time at the office.

The Ponemon survey findings point to how crucial it is for organizations to prioritize cybersecurity. The number of connected devices has skyrocketed since the start of the pandemic, and with employees working all across the country, the potential for destructive cyber breaches has never been greater. For example, Bring Your Own Device (BYOD) usage has increased by 58% since 2020, and yet many organizations do not have adequate BYOD policies or monitoring. This expanded “attack surface” has highlighted the need for organizations to build more cybersecurity measures into their operations.

For employees who will access your networks remotely, I recommend:

Limiting access to data and intellectual property. Customize the data and system features that each employee can access from home. Access to items that aren’t essential to an employee’s day-to-day tasks should be blocked to minimize your network’s exposure to breaches.

Employing multifactor authentication. This can help safeguard against attacks through stolen credentials or devices.
For example, you might require workers to log in to your network using their username and password, and then re-authenticate their identities using a second device (such as a smartphone) before they can access sensitive data or systems.

Prohibiting the use of personal devices. Ideally, employees who access your network remotely should only be allowed to use devices provided by your organization. This gives your IT department control over what’s installed on the machine, including the latest security updates. If you have a bring-your-own-device policy, it’s important to maintain some controls over the devices that will be authorized to access your network.

Training workers on how to identify and thwart the latest cyberattacks. Many of these schemes, such as phishing attacks, target employees’ log-in credentials. Employees should undergo annual or biannual refresher courses to help them stay vigilant.

Proactive organizations also may adopt a so-called “zero trust” framework that extends to remote work. This mindset assumes your network’s security is always at risk from internal and external threats. So, employees should be taught to operate under the assumption that everything they receive from people inside or outside of your organization is a potential cyberthreat.

Click here for more technology tips on creating a secure home office.

We Can Help

Our information security team can help you prevent, detect and respond to cyberattacks. Given the increasing costs of data breaches, you can’t afford to let your guard down. Contact us to conduct a cyber-risk assessment of your organization’s work-from-home practices.

Don’t miss the upcoming webinar from our affiliate company, Envision Technology Advisors, Tales from the Breach: Incident Response Stories from a Hacker's Point of View. Register today!