
The real cost of file transfer security breaches
Cybercrime damages have reached close to $9.5 trillion annually, with the average breach costing an organization $4.9 million. You’ve likely seen some version of these numbers before, and they help make a strong case for increased cybersecurity budget in areas like secure file transfer servers that can protect your data. Today we’re going to break down the sources of those data breach costs to help you understand exactly where they come from, and why your security investment is worth it.
Why do data breaches cost so much?
IBM’s annual Cost of a Data Breach Report identifies four main costs imposed on companies when a data breach occurs:
- Detection and escalation: The direct costs involved in identifying and remediating a breach
- Notification: Breach-related communications to victims, regulators and other stakeholders
- Post-breach response: Longer-term costs incurred as a result of a breach, which may include legal fees, regulatory fines, operational changes, etc.
- Lost business: The short- and long-term business fallout from a breach
Breach size is one factor — the larger the breach, the higher the costs in each of the above areas will be. However, a number of other factors drive up breach costs:
- Increased ransomware attacks that can shut down business operations until they are resolved
- Heavier regulatory fines
- Premiums paid for cybersecurity personnel in a short-staffed industry
- The complexity and location (e.g. cloud, third-party, etc.) of the affected system(s)
Below, we’ll address the specific breach cost centers.
Detection and escalation
Any activity involved in detecting and resolving a data breach falls under this category, including:
- Incident response team deployment
- Forensic investigation
- System restoration and security upgrades
- Costs incurred to harden environments and improve security postures
Critically, the longer a breach continues, the more significant costs may become — organizations that contain breaches within 200 days spend approximately $3.93 million, while those taking longer face costs of up to $4.95 million. Recognizing this fact, organizations that have invested in AI-based or automated security systems like JSCAPE by Redwood’s Automated Network Monitoring integrated within Cerberus by Redwood often see faster response times and lower costs.
As a reference point, IBM found that 75% of breached organizations take more than 100 days to recover from an attack.
Notification
Organizations experiencing a breach have a number of reporting duties depending on their industry and regulatory jurisdiction. These can include regulator reporting, customer communications, board and executive liaisons, crisis teams and more — depending on the type of data affected. IBM’s research found that the majority of breaches include customer personally identifiable information (PII).
The good news, if there is any, is that notification costs are generally the smallest out of all breach costs.
Post-breach response
After a breach is resolved, organizations will, unfortunately, find themselves dealing with secondary costs in areas including the following:
- Legal expenditures (defending from lawsuits, providing indemnity, renegotiating contracts, etc.)
- Regulatory fines
- Victim remediation expenses (issuing new credentials, paying for services like identity protection)
- Ongoing stakeholder communications related to the breach impact
- Increased compliance procedures
These costs can be significant. In May 2023, Ireland’s Data Protection Commission levied the largest GDPR fine on record against Meta, finding the company liable for $1.3 billion in damages for violating the regulation when it transferred personal user data from the European Union to the United States. PCI DSS compliance fines can range up to $100,000 per month.
And Progress Software faced 127 class-action lawsuits and notices from nearly 40 customers that they intended to seek indemnity after a zero-day breach of its MOVEit file transfer software.
Organizations also frequently underestimate increased compliance costs from a breach. These may include added staffing or consultative support, additional time spent on documentation and reporting requirements, as well as increased frequency of both proactive and mandatory audits and assessments.
Lost business
Most concerning for any breach-affected organization is the impact on the business itself. Data breaches threaten an organization’s reputation, making customer acquisition and retention more challenging while forcing the redeployment of capital and staff resources to address the breach. At the same time, operational downtime and lost productivity can delay projects and growth efforts that organizations depend on for long-term viability.
IBM’s study found that 70% of organizations experienced a “significant” impact to their business, with another report finding that organizations generally expect a 9% revenue decrease when hit with a privacy breach. Worse, 63% of those organizations passed some of the cost of their lost productivity on to their customers in the form of increased prices, which can further alienate customers.
Protecting against data breaches
Organizations can significantly reduce breach costs through proactive measures that include:
- Implementing robust security automation and AI-powered tools
- Conducting regular security audits
- Initiating regular employee training programs (the majority of breaches result from human error)
- Planning for incident response to shorten the active breach window
Cerberus FTP Server by Redwood and the Redwood family of brands make your file transfer security a priority. Learn more about how we do so through JSCAPE’s latest guide, How to secure file transfers in the breach era.