The True Cost of Cybercrime in Brazil

Many cybersecurity eyes had been on Brazil in the run up to this summer’s events. Every system has been under scrutiny, from ticket fraud prevention to the clocks used to time athletes. But cybercrime in this region isn’t a new concern; attackers had set their sights on the country long before summer sports fever hit.

Last year, IBM X-Force Executive Security Advisor Limor Kessem detailed the over $8 billion a year Brazil loses to cybercrime. This year’s “2016 Cost of Data Breach Study: Brazil” report from the Ponemon Institute placed Brazil at the top of its list of places most likely to suffer a material data breach involving 10,000 records or more.

The cost of data breach report assessed post-breach costs incurred by 33 Brazilian companies in 12 different industry sectors. The research revealed that the average per capita cost of a data breach (per capita cost and cost per compromised record have equivalent meaning in this report) increased significantly, from R$175 (Brazilian Real) to R$225.

The total organizational cost of data breach increased from R$3.96 million to R$4.31 million, according to the report.

Some sectors saw a steeper rise in costs than others. Specifically, services, energy and financial services had a per capita data breach cost substantially above the overall mean of R$225, with services topping out at R$398. Meanwhile, public sector, transportation and consumer companies had a per capita cost well below the overall mean value.

Taking a look at the global costs year over year, Brazil has a comparatively low total per capita cost of data breach, but there was a significant increase from 2015 to 2016.

In general, the more records lost, the higher the overall cost of the data breach. Brazilian companies that suffered breaches of less than 10,000 records incurred an average cost of R$1.88 million. In larger breaches of 50,000 records or more, the cost skyrocketed to R$6.95 million.

One additional data point to note: The total cost of a breach goes up if customer churn is a factor. This includes losing a customer due to bad publicity and loss of customer confidence post-breach. When customer churn goes over 4 percent, the added cost of breach management can reach R$5.42 million. That number goes down to R$3.81 million when churn is under 1 percent.

Churn rates vary by industry. Services, financial and energy had relatively high churn rates, while the public sector had a low churn rate.

Security Intelligence

« $5m Damages Payout For Huge Healthcare Data Breach
Interpol Catches The Leader Of $60m Cybercrime Gang »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

US Cyber Command (USCYBERCOM)

US Cyber Command (USCYBERCOM)

USCYBERCOM conducts activities to ensure US/Allied freedom of action in cyberspace and deny the same to our adversaries.

StrongKey

StrongKey

StrongKey (formerly StrongAuth) is a leader in Enterprise Key Management Infrastructure, bringing new levels of capability and data security at a price point significantly lower than other solutions.

CERT.lu

CERT.lu

CERT.lu is an initiative to enhance cyber security practices and techniques, and support security professionals in Luxembourg.

Center for Research on Scientific & Technical Information (CERIST)

Center for Research on Scientific & Technical Information (CERIST)

CERIST is a scientific and technical research centre with activities focused in the area of networks, information systems and IT security.

IoTsploit

IoTsploit

IoTsploit provides 20/20 visibility of network connections, protecting critical infrastructure assets from IoT vulnerabilities.

Quantum Xchange

Quantum Xchange

As the provider of unbreakable quantum-safe encryption, Quantum Xchange gives commercial enterprises and government agencies the ultimate defense to keep high-value data safe.

EYE Security

EYE Security

EYE provides enterprise-grade cyber security services and cyber insurance to SMEs in Europe, Cyber Incident Response and strategic advice in board rooms.

CAPSLOCK

CAPSLOCK

CAPSLOCK delivers career-changing cyber training to help adults re-skill. Learn online to become a cyber security professional and pay no tuition until you land a high-paying job.

Logit.io

Logit.io

Logit.io is a log analysis & management platform that provides a scalable solution for hosting the open-source tools Elasticsearch, Logstash, and Kibana.

HALOCK Security Labs

HALOCK Security Labs

HALOCK is an information security consultancy providing both strategic and technical security offerings.

SecureOps

SecureOps

SecureOps is transforming the Managed Security Service Provider industry by providing tailored cybersecurity solutions proven to protect organizations from cyberattacks.

Devolutions

Devolutions

Devolutions make best-in-class Privileged Access Management, Password Management, and Remote Connection Management solutions available to ALL organizations — including SMBs.

RiverSafe

RiverSafe

RiverSafe is a professional services provider specialising in Cyber Security, Data Operations and DevOps, putting security at the heart of everything we do.

FTx Identity

FTx Identity

FTx Identity is the world's most advanced age verification technology (AVT) and identity management system.

OutKept

OutKept

OutKept offers the highest quality phishing simulation campaigns, supported by a community of ethical phishers, to build awareness, and maintain alertness.

Blackmere Consulting

Blackmere Consulting

Blackmere Consulting is a Nationwide Technical and Executive Recruiting firm dedicated to Cyber Security and Information Technology.