The cost to organisations of a data breach is now £79 per record, a rise of £8 in a year.
According to research by Symantec and Ponemon Institute, the cost of a data breach has risen by 68 per cent in five years for UK businesses, with negligent employees or contractors posing the biggest risk to organisations with them being responsible for more than a third (36 per cent) of all data breaches.
Based on the data breach experiences of 36 UK companies, the report revealed that the actual organisational cost of a breach declined from £1.9m in 2010 to £1.75m in 2011, but they cost companies an average of £79 per compromised record. Almost half of that (£37) pertains to indirect costs such as lost business, reputational damage or churn of existing customers.
Mike Jones, senior product marketing manager at Symantec, commented: “We're noticing that companies at risk of data loss are becoming wise to the financial impact of a data breach. These businesses are implementing steps not just to prevent loss but to mitigate the damage, should a breach occur.
“We've shifted to an age where data breaches are now just a common occurrence. As such, UK consumers have become somewhat de-sensitised to data losses, but that doesn't mean that businesses should become complacent. The cost of data loss still remains high and, in tighter economic times, even a single-digit increase in customer churn can be terminal to profitability.”
The report found that fewer records were being lost in breaches and businesses that do suffer data loss are less likely to be abandoned by customers, with the average abnormal churn decreasing from 3.3 per cent in 2010 to 2.9 per cent.
Malicious or criminal attacks have increased slightly from 29 per cent to 31 per cent and are the most costly for organisations. For those organisations with a CISO who has overall responsibility for enterprise data protection, the average cost of a data breach can be reduced by as much as £18 per compromised record.