Cost of Data Breach Continues to Rise

By: Absolute Editorial Team | 5/26/2014

The Ponemon Institute and IBM recently released the 2014 Cost of Data Breach study, showing that the cost of data breaches continues to rise, up to $145 per lost record over the $136 from 2013. The average cost to a company was $3.5 million, 15% higher than the 2013 cost.

Report cover for 2014 Cost of Data Breach StudyThis is the 9th year of this report, analyzing actual data breach experiences from more than 250 organizations from 11 countries. The cost measurements discussed in the report include direct, indirect and opportunity costs associated with the breach, showing that the loss of customers does the greatest damage to the bottom line. Repairing brand image and acquisition of replacement customers often does not factor into organizational preparedness for data breaches.

As the Ponemon release notes, "Companies are finding that data breaches have become as common as a cold but far more expensive to treat."

Key highlights from the study:

  • The most costly breaches occurred in the U.S. and Germany at $201 and $195 per compromised record.
  • Data breaches in healthcare were the most costly, at an average of $316 per compromised record
  • The most costly data breaches were those caused by malicious and criminal attacks, including sustained probes. The U.S. and Germany paid the most at $246 and $215 per compromised record
  • Customer loyalty is greatly affected, with fewer customers remaining loyal post-breach (particularly in the financial sector). Customer churn is an average of 15% post-breach.
  • Organizational costs for investigations, notification and response post-breach were up (except in Germany)
  • 38% of companies have a security strategy to protect its IT infrastructure
  • 45% of companies have a strategy to protect their information assets

The report indicates that an incident response and crisis management plan and having a CISO can help prevent data breaches, while having a co-ordinated response to the breach, business continuity management and containment of the damage can greatly reduce the cost of data breaches, by as much as $14 per record. Many organizations surveyed wanted to see the organization security strategy double in order to strengthen security against the growing number of threats.

As part of increasing your security posture to prevent data breaches, and help detect them if they do occur, it’s important to secure organizational endpoints. Endpoints such as laptops, smartphones and tablets not only contain sensitive corporate information that could lead to a breach, they also present a risk for compromising access to corporate networks. For more on securing your endpoints, check out Absolute Computrace and read up on our advice on data security.

Financial Services