Cost of data breaches on the rise

News
By Rene Millman
published

Firms face cost of £2 million per incident, report says

prevent a data breach

Data breaches suffered by UK organisations could cost as much as 2 million per incident, a study of real world incidents has discovered.

The average cost per compromised record has increased to 86, up from 79 in 2011. Cost per compromised record was 47 in 2005, according to the Cost of Data Breach Study, carried out by the Ponemon Institute.

More than a third of UK data breaches involve negligent employees or contractors.

The average incident now costs firms 2.04 million each, increasing from 1.75 million last year. The study looked at 38 reported incidents. These ranged in size from 3,500 records breached to just over 70,000 records, with the average incident size being 23,000.

"While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious," said Larry Ponemon, chairman of the research firm. "Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today, up 22% since the first survey."

The study looked at the direct and indirect costs incurred by 277 companies in the US, UK, Germany, France, Australia, Italy, Japan and Brazil after the loss or theft of protected personal data.

The report, commissioned by IT security firm Symantec, found that while negligence is the main cause of data breach, 37 per cent of data breaches involved negligent employees or contractors, while malicious or criminal attacks have grew slightly from 31 to 34 per cent of data breaches, making this the most expensive type of breach at 102 per compromised record.

"With more than a third of UK data breaches involving negligent employees or contractors the human factor' is still the weakest link, and so training and awareness should be a priority from the offset," said Mike Smart, product and solutions manager at Symantec.

"But here in the UK it seems that malicious attacks are becoming nearly as big a problem. Not only have more data breaches been down to malicious attacks, but when it does happen, it is far more costly."

Rene Millman
Rene Millman

Rene Millman is a freelance writer and broadcaster who covers cybersecurity, AI, IoT, and the cloud. He also works as a contributing analyst at GigaOm and has previously worked as an analyst for Gartner covering the infrastructure market. He has made numerous television appearances to give his views and expertise on technology trends and companies that affect and shape our lives. You can follow Rene Millman on Twitter.