Cost of Breaches Increasing
The latest US Cost of a Data Breach study out of the Ponemon Institute indicates that the costs of data breaches are going up. Again.
Each year, we write about how the costs per breach are rising. In 2007 it was $197 per breached record; in 2008 it was $202; in 2009 it was $204. The study for this year indicates that the cost per breached record in 2010 was $214. This is a large leap in cost per breached record over previous years.
The report indicates that companies averaged $7.2 million per data breach event. In addition, there is a serious impact to company trust when data breaches occur. Some people assume that customers will become immune to breach notifications, but data indicates that's not the case.
Dr. Ponemon draws out some highlights from the study, including:
- Rapid response to data breaches costs more, rather unfortunately. This may be because customers are being notified when no risk is present - companies that use forensics to narrow the customers to those only at risk will lower costs
- Malicious criminal attacks are causing more breaches (31% in 2010, up from 24% in 2009 and 12% in 2008)
- Malicious attacks are the most expensive because they are harder to detect and remediate
- Negligence is the leading cause of data breaches (41%)
That said, the report indicates that companies are being more proactive in their approach to information security. Download the study here [PDF]
