Data Breach Costs Increase

Sue Marquette Poremba
Slide Show

Data Breach Costs Hit $7.2 Million and Show No Sign of Leveling Off

When my friends ask me why they should care about the security measures of the companies they do business with (or why they should be a little more careful with their own business-related security measures), I tell them in terms they understand: Bad security is expensive and eventually, expenses trickle down to the consumer. And I suspect it will get worse before it gets better.


A recent Ponemon Institute study confirms this, stating that the cost of a breach went up in 2010 to approximately $214 per record, $10 more per breached record when compared to 2009. According to the report:

The U.S. Cost of a Data Breach Study was derived from a detailed analysis of 45 data breach cases with a range of approximately 5,000 to 101,000 records that were affected. The study found that there is a positive correlation between the number of records lost and the cost of an incident. Companies analyzed were from 15 different industries, including financial, retail, healthcare, services, education, technology, manufacturing, transportation, consumer, hotels and leisure, entertainment, marketing, pharmaceutical, communications, research, energy and defense.

Other findings from the report include:


  • The cost of a data breach as the result of malicious attacks and botnets were more costly and severe.
  • Negligent insider breaches have decreased in number and cost, most likely resulting from training and awareness programs having a positive effect on employees' sensitivity and awareness about the protection of personal information. Additionally, 58 percent have expanded their use of encryption up from 44 percent last year.
  • Organizations are spending more on legal defense costs that can be attributed to increasing fears of successful class actions resulting from customer, consumer or employee data loss.


Add this up and a data breach-whether it be from a hacker into the network, a Trojan or someone losing a laptop-is going to cost individual companies a lot of money.


True, we'll never totally stop breaches from happening, but companies can take action, especially as more sophisticated tools to detect and prevent breaches become available. As Steve Shillingford, president and CEO of Solera Networks stated:

Breaches do occur and will continue. Next generation threats are being specifically architected to subvert installed security defenses. Knowing the full extent of a breach is key to appropriately dealing with it.

Add Comment      Leave a comment on this blog post

Post a comment





(Maximum characters: 1200). You have 1200 characters left.




Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.