14 DAY TRIAL // A study performed by the Ponemon Institute reveals some interesting figures regarding the costs a company has to support in case of data breaches, compared to previous years.
The numbers show that for the first time in seven years the costs of data breaches have decreased considerably.
In 2011, firms paid $5.5 million (4.1 million EUR) for the organizational aspect of incidents compared to previous years when the costs were as high as $7.2 million (5.4 million EUR). The costs per stolen record have also declined from $214 (165 EUR) to $194 (145 EUR).
This means that companies have improved their methods of handling data breaches.
Most likely, the large number of incidents that have been recorded in the past few years made businesses understand that data theft or data loss is almost unavoidable and that policies and operational methods related to data breaches are a necessity.
The study also reports that, currently, customers don’t rush to abandon a company after it suffered a breach as they did in the past years. Of course, the loss of clients is inevitable in these situations and certain industries tend to lose more customers than others due to such incidents, but at least the steps taken to keep customers loyal are showing results.
On the downside, negligent employees are still one of the main causes for data breaches, closely followed by cyberattacks.
It has been established that companies which have CISOs, or the ones that hire outside consultants to assist with incident responses can save a lot of money.
Finally, the study reveals that compared to 2010, when the detection and escalation cost of a data breach was around $460,000 (345,000 EUR), in 2011 the amount dropped to $433,000 (324,000 EUR).
On the other hand, because of the stricter regulations, the costs of notifying victims have increased from $510,000 (382,000 EUR) to $560,000 (420,000 EUR).
The complete report commissioned by Symantec and performed by the Ponemone Institute is available here. Note. My Twitter account has been erroneously suspended. While this is sorted out, you can contact me via my author profile.