Earlier this year, the Ponemon Institute revealed the results of their fifth annual U.S. Cost of a Data Breach study. The study found that even though the number of data breaches dropped slightly as compared to the previous study, the average cost of a data security breach has increased since 2008. According to the study, a single data breach now costs companies an average of $204 per compromised client record. That means even a small company with 1,000 client records in their system would pay about $204,000 to repair the damage.
The study tracks multiple cost factors associated with repairing a data breach, such as:
- outlays for detection
- notification and response
- legal fees
- investigative expenses
- administrative costs
- customer defections and opportunity loss
- management of reputation
- customer support
The companies sampled by the study represented 15 different industries, in order to offer a balanced view of the costs associated with a security breach. Companies from industries such as transportation, manufacturing, technology, retail, healthcare, financial, entertainment, and more participated in the study. The study did find that inside breaches due to employee negligence have decreased, demonstrating the effectiveness of training and awareness programs which have become popular tools for prevention of data breaches. The most common form of data security breach was attributed to third-party organizations.
The most expensive data breach included in the study cost one company nearly $31 million to resolve. The least expensive data breach cost a company $750,000.
Dr. Larry Ponemon, founder of the Ponemon Institute, concluded,”In the five years we have conducted this study, we have continued to see an increase in the cost to businesses for suffering a data breach. With a variety of threat vectors to contend with, companies must proactively implement policies and technologies that mitigate the risk of facing a costly breach.”