Home / Technology / Data Breach Response Plan And Trends: Everything You Should Know About Them
Data Breach Response Plan

Data Breach Response Plan And Trends: Everything You Should Know About Them

Data security is gaining increased importance with each passing day. As data breaches become increasingly common, companies of all sizes and industries face pressure to execute reliable data protection measures and data breach response plans. Last year was no different, as regulators and cyber attackers increased this pressure on all countries’ organizations. Many new trends related to data breaches and their response plans are emerging nowadays in such a situation. Various factors cause these trends, and if you, too, are planning to put your data breach response plan in place, you need to know about these trends. That’s why we’ve decided to put them together in this article. Let’s begin with an explanation of the data breach response plan first.

Understanding A Data Breach Response Plan

As it seems by its name, a data breach response plan is the strategy that you adopt to respond in the situation of a data breach. It’s a set of actions that allow organizations to act swiftly in a coordinated manner as soon as they detect a data breach.

The steps included in this plan may be both technical (i.e. encryption of data, systemwide scanning of anti-malware software, regeneration and buy SSL certificates, etc.); and procedural (the precautions needed to be taken by the employees). This plan’s primary purpose remains to minimize the organization’s financial and reputational damage that the breach can cause.

Factors That Impact Data Breach Response Time

Many factors impact the response time of a company in case of a data breach.

Time Consumed In Detection:

Before you can respond to a data breach, you need to know that your data has been compromised. If you don’t come to know of the violation for a long time, you won’t be able to respond to it until the damage has been done. Therefore, it’s necessary to have robust data breach detection procedures and tools in place.

Lack Of A Clearly Defined Response Plan:

Once the breach has been discovered, the next step is to swing into action. However, the actions required to be taken must be articulated clearly. If your response plan in the situation of a data breach is not predetermined or defined clearly and concisely, you’ll find yourself and your team wondering what to do next. This can give the attacker the crucial time that he needs to increase the damage further.

Outdated Technology:

Often, the time consumed in responding to an attack or data breach is increased because of the organization’s obsolete technology. For instance, many of the first steps involved in a data breach response plan can be automated with the latest security software’s help, which can reduce your response time and increase difficulties for the attacker even before your team comes into action.

But if the tech stack being used by your organization is outdated, it becomes difficult to achieve because such features may or may not be present in your tools.

Privacy Laws:

Finally, law enforcement sometimes affects how quickly companies detect and respond to a data breach. In countries where the law requires companies to report a data breach within 72 hrs, companies are more alarmed about cyberattacks and data breaches. So the law of a country also affects whether or not companies quickly respond to data breach incidents.

With that in mind, now let’s take a look at the average data breach detection and containment times of various industries.

Average Time To Detect And Contain Data Breaches By Industry

The response time of companies involved in various industries varies significantly. According to a 2018 data breach report published by IBM, while companies engaged in the energy industry respond to a data breach in 150 days on average, companies involved in entertainment take up to 287 days. Here’s a summary of the average data breach response times for various industries based on that report:

Industry Data Breach Detection Time Data Breach Containment Time
Entertainment 287 days 80
Healthcare 255 days 103
Media 225 days 78
Education 217 days 84
Retail 208 days 69
Hospitality 195 days 72
Consumer 194 days 82
Transportation 192 days 60
Services 191 days 66
Pharma 190 days 63
Public sector 190 days 57
Technology 179 days 60
Communications 173 days 58
Research 169 days 53
Manufacturing 168 days 63
Financial Services 163 days 54
Energy 150 days 72

These are alarming figures because of how much damage can be done by an attacker in an extended dwell time. But an even more concerning part of the picture is that even after detection, it takes at least seven weeks to contain them. This proves that there’s a need to educate people in various industries about data breaches, detect them, and quickly respond to them.

Average Cost Of Data Breach For Various Industries

We already know how long it takes for each industry to detect and contain a data breach on average. But if we want to learn more from that data, we need to compare it with the cost of attack for all these industries. So here’s a snapshot of how much a data breach costs per capita for industries mentioned above:

Industry Cost of Data Breach (per capita)
Entertainment $145
Healthcare $408
Media $134
Education $166
Retail $116
Hospitality $140
Consumer $120
Transportation $128
Services $181
Pharma $174
Public sector $75
Technology $170
Communications $128
Research $92
Manufacturing $152
Financial Services $206
Energy $167

To understand these costs, it’s important to note what Per Capita Cost means here. According to IBM’s report, the number of records compromised from each company involved in their study stood between 2,500 to 100,000 records in a single data breach.

Each record represents a real-world user whose data was stolen. The tabulated costs represent the average loss that each of those users had to incur because of the breach. If you do the maths, it’s not difficult to find out the scale of these numbers now:

  • Minimum loss: $75 * 2,500 users = $187,500
  • Maximum loss: $408 * 100,000 users = $40,800,000

In short, the cost of a data breach for an average company ranges between $187,000 to $41 million. You can find the minimum and maximum range for your industry by dividing the average cost per capita of your industry by the maximum and the minimum number of records that can be compromised (i.e. 2,500 and 100,000, respectively).

Data Breach Response Time Trends

When we compare the cost of data breaches against the detection and containment time of data breaches for all industries, the following trends emerge clearly:

First of all, most companies are highly unaware of data breaches’ threats and how to deal with them. That’s why they take so many days to detect a breach and contain it. Many of them don’t even have the necessary security features implemented in their websites and servers (i.e. SSL certificates, strong passwords, malware scanners, etc.), making stealing their data easy.

The Healthcare industry has the highest cost of data breach attacks. Perhaps that is because of the long time it takes in detecting the attacks, while the sensitivity of data that remains with such companies is significant.

The financial services industry has the second-highest cost for data breaches, even though it detects and contains the attacks more quickly than most other industries. That may be the case because it’s a highly regulated industry – not detecting and preventing an attack promptly results in steep fines over companies involved in this business.

Tech companies and pharma contain their attacks in 60 days on average but still experience a relatively higher data breach cost. Again, the cause may be the nature of data that can be stolen from such companies – patents, product information, and other sensitive information that can harm the companies’ reputation, many of which also tend to be listed on the bourses.


So that was some of the critical information about data breaches and their trends. All this information further affirms the need to educate employees in your organization about data breaches and devise a clear Data Breach Response Plan. If you don’t do that in time, your business may also join the long list of companies that learn this lesson the hard way. Don’t let it happen and put a data breach response plan in place today.

About Yashwant Shakyawal

Avatar for Yashwant Shakyawal
Yashwant Shakyawal is a passionate, innovative, and curious digital marketing specialist with experience in Social Media Optimization, web content creation, Content Marketing, Search Engine Optimization, and brand marketing.