Study: Average Cost Of Data Breach Increases To $7.2 Million -- Security Today

Study: Average Cost Of Data Breach Increases To $7.2 Million

Mar 09, 2011

Symantec Corp. and the Ponemon Institute recently released the findings of the 2010 Annual Study: U.S. Cost of a Data Breach, which reveals data breaches grew more costly for the fifth year in a row.

The average organizational cost of a data breach increased to $7.2 million and cost companies an average of $214 per compromised record, markedly higher when compared to $204 in 2009. The study also found that for the second straight year organizations’ need to respond rapidly to data breaches drove the associated costs higher. The sixth annual Ponemon Cost of a Data Breach report is based on the actual data breach experiences of 51 U.S. companies from 15 different industry sectors.

Key findings from the study include:

Rapid response to data breaches is costing companies 54 percent more per record than companies that moved more slowly. Forty-three percent of companies notified victims within one month of discovering the breach, up seven points from 2009. In 2010, these quick responders had a per-record cost of $268, up 22 percent from 2009; companies that took longer paid $174 per record, down 11 percent.
Malicious or criminal attacks are the most expensive and are on the rise. In this year’s study, 31 percent of all cases involved a malicious or criminal act, up seven points from 2009, and averaged $318 per record, up 43 percent from 2009.
Negligence remains the most common threat. The number of breaches caused by negligence edged up one point to 41 percent and averaged $196 per record, up 27 percent from 2009. This steady trend reflects the ongoing challenge of ensuring employee and partner compliance with security policies.
Companies are more vigilant about preventing system failures. System failure dropped nine points to 27 percent in 2010. This trend indicates organizations may be more conscientious in ensuring their systems can prevent and mitigate breaches through new security technologies and compliance with security policies and regulations.
Data breach costs have continued to rise. The average organizational cost of a data breach this year increased to $7.2 million, up seven percent from $6.8 million in 2009. Total breach costs have grown every year since 2006. Data breaches in 2010 cost companies an average of $214 per compromised record, up $10 (5 percent) from last year.
Encryption and other technologies are gaining ground as post-breach remedies, but training and awareness programs remain the most popular. Sixty-three percent of respondents use training and awareness programs after data breaches, down four points from 2009. Encryption is the second most implemented preventive measure as a result of a data breach, with 61 percent. Both encryption and data loss prevention (DLP) solutions have increased 17 percent since 2008.

The study, sponsored by Symantec and independently conducted by the Ponemon Institute, takes into account a wide range of business costs, including expense outlays for detection, escalation, notification, and after-the-fact (ex-post) response. The study also analyzes the economic impact of lost or diminished customer trust and confidence as measured by customer churn or turnover rates.

The U.S. Cost of a Data Breach Study was derived from a detailed analysis of 51 data breach cases with a range of nearly 4,200 to 105,000 affected records. The study found there is a positive correlation between the number of records lost and the cost of an incident. Companies analyzed were from 15 different industries, including finance, retail, healthcare, services, education, technology, manufacturing, research, transportation, consumer, hotels and leisure, media, pharmaceutical, communications and energy.

“We continue to see an increase in the costs to businesses suffering a data breach,” said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. “Regulators are cracking down to ensure organizations implement required data security controls or face harsher penalties. Confronted with both malicious and non-malicious threats from inside and outside the organization, companies must proactively implement policies and technologies to mitigate the risk of costly breaches.”

“Securing information continues to challenge organizations at all levels, but the vast majority of these breaches are preventable,” said Francis deSouza, senior vice president, Enterprise Security Group, Symantec. “Organizations must not only protect the data itself wherever it is stored or used, but also create a culture of security including training, policies and actions. The results of this study show that companies with information protection best practices in place can greatly lower their potential data breach costs.”

At Brinks Home™ Our Security Systems Work So You Don’t Have To
05/31/2023
Evolv Technology Partners With Ricoh To Provide Comprehensive Service Delivery
05/31/2023
Is Radar the Missing Piece to Your Perimeter
05/31/2023
Summertime, And The Selling Is Easy, (If You're A Smart Lock Dealer)
05/30/2023

Featured

The Need for a Comprehensive Strategy Addressing Cybersecurity and Quantum Technology

Over the past two years, the Biden Administration has taken a series of steps centered on quantum and cybersecurity. Read Now
- Cybersecurity
IoT Saves the Day

Today, creating a safe environment across schools, hotels, office buildings, housing complexes and other facilities has become a necessity. There are so many dangers lurking in buildings of all sizes and shapes from fire hazards, vaping issues, chemical/air quality issues, intruders and so much more. Read Now
- Network Centric
- Education Security
One Pane, Less Pain

Just because a solution is built on an open-standards platform doesn’t ensure that all the vendors’ systems will work together as promised. Some features may not be supported, or not supported to their fullest potential. Read Now
- Access Control
Revamping Wrigley Field

When talking about baseball in the United States, it’s hard not to think of the Chicago Cubs and Wrigley Field. With a history spanning more than 100 years, the Chicago Cubs are one of the most recognized teams in professional sports. Read Now
- Facility Security

Webinars

Seneca,Nvidia

Simple Selling with Seneca Vision AI Validated Solutions
Hanwha Vision (formerly Hanwha Techwin)

New Ways to Train an Effective Security Team
Hanwha Vision (formerly Hanwha Techwin)

Seeing Beyond Your Perimeter

Whitepapers

Vicon Industries

Superior Security Begins with a Single Pane of Glass
Hytera

Push-to-Talk Over Cellular (PoC) for Security Professionals
Winsted Corporation

Top Considerations When Designing an Ergonomic Control Room

New Products

HID Signo Readers

HID Global has announced its HID® Signo™ Biometric Reader 25B that is designed to capture and read fingerprints in real-world applications and conditions. 3
QCS7230 System-on-Chip (SoC)

The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge. 3
Camden Door Controls Application Spec Guide

Camden Door Controls, an industry-leading provider of innovative, high quality door activation and locking products, has published a new application spec guide for specification writers designing a wireless barrier-free restroom control system. 3

Study: Average Cost Of Data Breach Increases To $7.2 Million

At Brinks Home™ Our Security Systems Work So You Don’t Have To

Evolv Technology Partners With Ricoh To Provide Comprehensive Service Delivery

Is Radar the Missing Piece to Your Perimeter