• Request consultation
  • Newsletter
  • Deutsch Deutsch German de
  • English English English en
  • Italiano Italiano Italian it
  • Nederlands Nederlands Dutch nl
Greenbone
  • Products
    • OPENVAS BASIC
      • OPENVAS BASIC: Order
    • OPENVAS SCAN
    • Upcoming Solutions
      • OPENVAS SECURITY INTELLIGENCE
      • OPENVAS AI
    • Solutions for Your Sector
      • Educational Sector
      • Healthcare Sector
      • Public Sector
    • Technology
      • Feed Comparison
      • Product Comparison
        • OPENVAS vs. Nessus
      • Roadmap & Lifecycle
  • Service & Support
    • Technical Support
    • Self-Learning Courses
    • Documents
  • Events
    • Cybersec Europe 2026
    • Webinars
  • Partners
    • MSSP
  • About Greenbone
    • Careers
    • Contact
  • Blog
    • Know-how
      • Attack Vector Timeline
      • Cyberattacks and Defense
      • Cyber Defense Security
      • Cyber Resilience Act
      • Data Security
      • Digital Operational Resilience Act
      • Exposure Management
      • IT and Information Security
      • NIS2 Directive
      • Open Source Vulnerability Management
      • The Vulnerability Timeline
  • Click to open the search input field Click to open the search input field Search
  • Menu Menu
  • Products
    • OPENVAS BASIC
      • OPENVAS BASIC: Order
    • OPENVAS SCAN
    • Upcoming Solutions
      • OPENVAS SECURITY INTELLIGENCE
      • OPENVAS AI
    • Solutions for your sector
      • Educational Sector
      • Healthcare Sector
      • Public Sector
    • Technology
      • Feed Comparison
      • Product Comparison
        • OPENVAS vs. Nessus
      • Roadmap and Lifecycle
    • Request IT Security
  • Service & Support
    • Technical Support
    • Self-Learning Courses
    • Documents
  • Events
    • Cybersec Europe 2026
    • Webinars
  • Partners
    • MSSP
  • About Greenbone
    • Careers
    • Contact
    • Newsletter
  • Our Blog
    • Know-how
      • Attack Vector Timeline
      • Cyberattacks and Defense
      • Cyber Defense Security
      • Cyber Resilience Act
      • Data Security
      • Digital Operational Resilience Act
      • Exposure Management
      • IT and Information Security
      • NIS2 Directive
      • Open Source Vulnerability Management
      • The Vulnerability Timeline
  • German
  • English
  • Italian
  • Dutch
Joseph Lee

Proactive Cybersecurity Reduces the Cost of a Breach

Blog

From a bird’s eye view, the cumulative cost of cyber-crime is estimated to reach 9.2 Trillion USD globally in 2024. According to the 2023 IBM X-Force Cost of a Data Breach Report, a single breach imposes an average of 4.45M USD of financial damage on a victim and while US firms incur more than double the global average, German organizations fared on par with the global average.

The most staggering costs are incurred by post-breach remediation activities such as incident response, digital forensics, system recovery, and mandatory disclosure reporting, while regulatory fines can also significantly add to cyber breach costs. Change Healthcare has forecasted an expected loss of 1.6B USD this year due to a breach that occurred in March 2024 and as discussed below, regulatory fines may be pending.

These potential damages highlight the importance of proactive security measures for preventing successful cyber attacks but also mitigating the financial impact should one occur​. The Ponemon Institute found that missing security patches accounted for 57% of cyber attacks. Getting breached less often is an obvious benefit of implementing preventative cybersecurity measures, but according to IBM, organizations with proactive risk-based vulnerability management (RBVM), also experience lower than average expenses post-breach (3.98M USD) compared to organizations without such measures (4.45M USD), those suffering from a skills shortage (5.36M USD), or those deemed non-compliant with cybersecurity regulations (5.05M USD).

Cost Of The Change Healthcare Post Ransomware Attack

In March, 2024 Change Healthcare suffered a ransomware attack that has so far burdened the company with roughly 872M USD in damages, and delayed 6B USD in health insurance payments. Change Healthcare forecasts an annual expected loss of 1.6B USD due to the incident. Established in 2007, Change Healthcare is a leading healthcare technology company selling revenue cycle management, payment accuracy, and clinical data exchange services globally​. A 2022 acquisition saw the company valued at 8B USD​.

HIPAA Compliance Investigation Into Change Healthcare

On top of that steep damage, the US HHS Office for Civil Rights, the entity responsible for enforcing the Health Insurance Portability and Accountability Act (HIPAA), has opened an investigation into the attack seeking to determine whether Change Healthcare violated its compliance requirements. The HIPAA Security Rules require covered entities to implement “recognized security practices” to protect ePHI against reasonably anticipated security threats.

Continuous vulnerability management activities are a fundamental component of all modern cybersecurity frameworks. If it can be called a bright side, the most severe penalties for HIPPA non-compliance are capped at a mere 2M USD; short change in comparison to the overall cost of response and recovery for this particular incident.

The Greenbone Vulnerability Management platform is capable of implementing customized compliance tests to meet any framework including CIS, DISA STIG, HIPAA, and more, and Greenbone is certified for both its information security management systems ISMS (ISO 27001), quality management (ISO 9000), and most recently, environmental management (ISO-14001).

Contact Test Now Buy Here Back to Overview

Joseph Lee
Joseph Lee

Joseph has had a varied and passionate background in IT and cyber security since the late 1980s. His early technical experience included working on an IBM PS/2, assembling PCs and programming in C++.

He also pursued academic studies in computer and systems engineering, anthropology and an MBA in technology forecasting.

Joseph has worked in data analytics, software development and, in particular, enterprise IT security. He specialises in vulnerability management, encryption and penetration testing.

LinkedIn

29. May 2024/by Joseph Lee
Share this entry
  • Share on LinkedIn
  • Share by Mail
https://www.greenbone.net/wp-content/uploads/greenbone-logo-2025.png 0 0 Joseph Lee https://www.greenbone.net/wp-content/uploads/greenbone-logo-2025.png Joseph Lee2024-05-29 16:06:292025-10-02 11:34:15Proactive Cybersecurity Reduces the Cost of a Breach

Search

Search Search

Archive

  • 2026
  • 2025

Newsletter

Subscribe Now

OPENVAS BASIC

Our entry-level enterprise product

Test 14 Days Free of Charge

Products & Solutions

  • OPENVAS PRODUCTS
  • OPENVAS SECURITY INTELLIGENCE
  • OPENVAS SCAN
  • OPENVAS BASIC
  • OPENVAS FREE
  • OPENVAS AI
ISO9001-EN

Service & Support

  • Technical Support
  • FAQ
  • Documents
  • Warranty
  • Open Source Vulnerability Management
  • Cyber Resilience Act
ISO27001-EN

About us

  • About Greenbone
  • Partners
  • MSSP
  • License information
  • Privacy Statement
  • Terms & Conditions
ISO14001-EN

Contact with us

  • Contact
  • Newsletter
  • Media Contact
  • Careers
  • Security Response
  • Imprint
  • Grounding Page

Community

  • Community Portal
  • Community Forum
© Copyright - Greenbone AG 2020-2026
  • Link to LinkedIn
Link to: Protection of Office Suites: Greenbone Integrates Additional BSI Basic and CIS Guidelines Link to: Protection of Office Suites: Greenbone Integrates Additional BSI Basic and CIS Guidelines Protection of Office Suites: Greenbone Integrates Additional BSI Basic and CIS... Link to: May 2024 Threat Tracking: Global CVE Disclosures Continue to Heat up Link to: May 2024 Threat Tracking: Global CVE Disclosures Continue to Heat up May 2024 Threat Tracking: Global CVE Disclosures Continue to Heat up
Scroll to top Scroll to top Scroll to top
Contact
Request IT Security Contact Us Subscribe to Newsletter Follow on LinkedIn