Weekly Video: August 1, 2022

Hello and welcome to another edition of Cyber Risk at Deal Speed, your weekly video rundown of cybersecurity news and strategy for investors, deal teams, and the management teams of portfolio companies.

I’m your host, Shay Colson, Managing Partner for Cyber Diligence at Coastal Cyber Risk Advisors, and you can find us online at coastalcyber.io

This week is all about RECORD HIGHs.

We’re dealing with a heat wave here in the Pacific Northwest, that’s setting record highs across the region.

We’re also seeing record highs in the cybersecurity world, which is what we’re going to look at in our stories this week —

And we’re going to do it in 5 minutes or less

1. New Data: Average Cost of a Breach

2. Healthcare Breach Cost

3. Tenet Health as a Regulatory Preview

New Data: Average Cost of a Breach

IBM Security released the 2022 Cost of a Data Breach Report, revealing costlier and higher-impact data breaches than ever before, with the global average cost of a data breach reaching an all-time high of $4.35 million for studied organizations.

“nearly 50% of breach costs are incurred more than a year after the breach” - making accounting that much more difficult, and potentially skewing our perspective on the impact of these events.

In terms of how the breaches are occurring, compromised credentials continued to reign as the most common cause of a breach (19%), phishing was the second (16%) and the costliest cause, leading to $4.91 million in average breach costs for responding organizations.

Both of these threats can be significantly reduced through a robust multi-factor authentication program, paired with some security awareness training, which should be considered table-stakes now in 2022.

Healthcare Breach Cost

“A healthcare data breach now comes with a record-high price tag—to the tune of $10.1 million on average, according to IBM Security's annual Cost of a Data Breach Report. IBM looked at looked data breaches from March 2021 to March 2022.”

That’s up 9.4% from the same timeframe a year earlier. Healthcare has had the highest breach-related financial damages for 12 consecutive years, according to IBM's report.

The average breach in healthcare increased by nearly $1 million and the cost has jumped 41.6% since the 2020 report.

In 2021, 45 million individuals were affected by healthcare attacks, up from 34 million in 2020. That number has tripled in just three years, growing from 14 million in 2018,

Tenet Health Incident and a Regulatory Preview

Finally, we also saw Tenet Healthcare’s Q2 earnings report, which included an “unfavorable impact” of approximately $100 million as a result of an April cyberattack.

Along with an unfavorable impact of approximately $100 million to adjusted EBITDA, the company’s net operating revenues experienced a decline of 11 percent compared to Q2 2021.

The decline was partially attributed to the cyberattack” and given the note in the IBM study that 50% of breach costs occur more than 1 year from the breach, we can expect to see future earnings reports dampened.

This type of earnings report should serve as a useful preview for other public companies as the SEC’s proposed cyber rule gets closer to implementation.

Be ready to quantify and report these metrics, thinking carefully about how you’re investing in controls, security maturity, and resilience - which will also be a required reporting component.

Fundraising

Speaking of business continuing, congratulations to the more than $5.8.B in newly committed capital last week.

Again, it sounds small compared to some of the recent numbers, but when we think about it as raising nearly a billion dollars per day, it sounds a bit more impressive.

Best of luck to all the funds with new capital to deploy.

You can find all the links to the stories we covered in the comments section below, and we’ll see you next week with another edition of Cyber Risk at Deal Speed.

LINKS:

https://www.helpnetsecurity.com/2022/07/27/2022-cost-of-a-data-breach-report/

https://www.fiercehealthcare.com/health-tech/healthcare-data-breach-costs-reach-record-high-10m-attack-ibm-report

https://healthitsecurity.com/news/tenet-healthcare-cyberattack-leads-to-100m-in-lost-q2-revenue