Symantec and the Ponemon Institute have released the findings of a study which says that the average organisational cost of a data breach has increased to $7.2m in 2010.
The study "2010 Annual Study: U.S. Cost of a Data Breach" reveals that data breaches grew more costly for the fifth year in a row and cost companies an average of $214 per compromised record, as compared to $204 in 2009.
The study also found that organisations’ need to respond quickly to data breaches drove the associated costs higher for the second year in a row.
The report is based on the actual data breach experiences of 51 US companies from 15 different sectors.
Among the key findings of the study is the fact that rapid response to data breaches is costing companies 54% more per record than companies that moved more slowly and malicious or criminal attacks are the most expensive.
Negligence remains the most common threat with the number of breaches caused by negligence increased one point to 41% and averaged $196 per record, up 27% from 2009.
However, companies seem to be more vigilant about preventing system failures. System failure dropped nine points to 27% in 2010.
Encryption and other technologies are gaining ground as post-breach remedies, but training and awareness programs remain the most popular.
Symantec has recommended assessment of risks, educating employees about risks and proactively encrypting laptop computers among its best practices to be followed for organisations whether or not they have suffered a data breach.
Ponemon Institute chairman and founder Larry Ponemon said regulators are cracking down to ensure organisations implement required data security controls.
Ponemon said, "Confronted with both malicious and non-malicious threats from inside and outside the organization, companies must proactively implement policies and technologies to mitigate the risk of costly breaches."
Symantec Enterprise Security Group senior vice-president Francis deSouza said the vast majority of these breaches are preventable.
"Organisations must not only protect the data itself wherever it is stored or used, but also create a culture of security including training, policies and actions," said deSouza.
The results of this study show that companies with information protection best practices in place can greatly lower their potential data breach costs."
