Problem exacerbates already high inflation

Implementation of Personal Data Protection Act starting from the month of June this year, have initiated many consultations and public hearing to clarify on going implementation and penalties of data breaches. This act is to protect the consumers identity and is not implemented to make business difficult to operate. The first year of the implementation of PDPA will go through various trial and error by the business; where breach of PDPA will firstly be warned and consulted to fix their breach issue.

However, constant breach of PDPA and intentional breaches will face penalties which will be investigated and penalized by the PDPC. The following article explains the Penalties and cost of PDPA breach.

Asean has seen the average cost of a data breach hit all-time high of US$2.87 million in 2022, up 8% from a year before, according to the latest report by American IT giant IBM, with the problem believed to be heaping pressure on already high inflation. The cost is shown in IBM’s Cost of Data Breach Report 2022, based on in depth analysis of 550 breached organisations worldwide between March 2021 and March 2022.

The report shows costlier and higher-impact data breaches than ever, with the Asean average cost of a data breach reaching an all-time high of $2.87 million for surveyed organisations.

With breach costs increasing almost 8% in a year across Asean, the findings suggest these incidents may also be contributing to rising costs of goods and services, according to IBM.

At the global level, 60% of organisatons examined raised the prices of their products or services due to the breach, while the cost of goods is already soaring worldwide amid inflation and supply chain issues. Globally, the average cost of a data breach hit $4.35 million in 2022, a surge of 13% over the past two years.

According to the report, 83% of those surveyed globally have experienced more than one data breach in their life-time, while nearly 50% of the breach are incurred more than a year after the preach. The report shows 80% of critical infrastructure organisations studied did not adopt a zero trust strategy, therefore seeing average breach costs rise to $5.4 million – $1.17  million higher than those that do.

Some 28% of data breaches among the organisations were caused by ransomware or destructive attacks. Ransomware victims in the study that opted to pay the ransom demand saw only $610,000 less in average breachcosts compared to those that chose not to pay – not including the cost of the ransom.

Some 43% of firms studied are in the early stages or have not started applying security practices across their cloud environments, observing over $660,000 on average in higher breach costs than mature security firms. According to the report, artificial intelligence (AI) and automation tools can be an effective cost saver in defending against cyberthreats.

Participating organisations fully deploying security AI and automation incurred $3.05 million less on average in breach costs compared to organisations studied that have not deployed the technology – the biggest cost saver observed in the study.

“The more business try to perfect their perimeter instead of investing in detection and response, the more breaches will fuel cost of living increases,” said Surarit Wuwong, country leader of IBM Thailand’s technology group.

“It’s clear today that the right security strategies coupled with the right technologies, such as AI, automation and the adoption of hybrid cloud and zero trust strategies, pay off in reducing the cost of data breaches further down the line.”

Source: Bangkok Post