Since 2016, Verizon has annually declined to estimate the average cost of a data breach. Verizon reasons that since there are many variables that can determine breach cost, there is no reliable “average” data point. There are, however, identifiable factors that we know impact breach cost, like industry sector, threat actor, number of records, impacted data type etc. So, the more we know about a particular entity’s risk profile, there better equipped that entity is not only to protect itself but also to predict the potential cost of a breach.
Enter Chubb’s Cyber Risk Index. It’s 20 years of claims data, organized by industry, annual revenue and time period. Since industry sector and company size are significant differentiators in the context of data breach analyses, this tool lets companies hone in on meaningful data about the nature and extent of their data breach risk. And it’s free, whether you’re insured by Chubb or not.
I played with the interactive index a bit and here are a few interesting data points: