The Ponemon Institute has published the ninth annual Cost of Data Breach Study

May 6, 2014 12:04 GMT  ·  By

The ninth annual “Cost of Data Breach Study,” a study conducted by the Ponemon Institute and sponsored by IBM, has revealed that the average total cost of a data breach has increased by 15% in the last year. 

Based on data from 314 companies located in 10 countries, experts have determined that the average total cost of a data breach is $3.5 million (€2.51 million).

All of the organizations that have taken part in the study have suffered a data breach. Between 2,400 and 100,000 records have been compromised in each of the incidents.

It turns out that the most costly breaches occurred in the United States ($201 / €144 per record) and Germany ($195 / €140 per record). India and Brazil are the countries with the least expensive incidents – $51 (€36) per record and $70 (€50) per record, respectively.

There are several factors that can help reduce costs. For instance, companies with a self-reported strong security posture have reduced the cost per record with as much as $14 (€10). The involvement of business continuity management and the appointment of a chief information security officer to lead the data breach response also helped in reducing costs.

Organizations that suffer data breaches lose money not only in the response process, but also because they often lose customers. French and Italian companies have lost the largest number of customers following a data breach. At the opposite end, we have Brazil and the Arabian region.

The likelihood of a company suffering a data breach that involves at least 10,000 records is 22% over a two-year period. India, Brazil and France have been named the countries most likely to experience such incidents.

“Clearly, cybersecurity threats are a growing concern for businesses, especially when we consider how persistent data has become in the age of cloud and mobility,” said Kris Lovejoy, general manager at IBM’s security services division.

“A data breach can result in enormous damage to a business that goes way beyond the financials. At stake is customer loyalty and brand reputation.”

Coinciding with the Cost of Data Breach Study, IBM has also announced new security software and services to help organizations protect their systems and networks against advanced threats.

The new solutions are IBM Threat Protection System, which is designed to disrupt attacks before any damage is caused, and the Critical Data Protection Program, which helps organizations in protecting their most valuable data and their brand.

IDC’s Software Tracker has shown that IBM’s recent security-focused acquisitions have paid off. In 2013, the company was the third largest security vendor, moving up one position.