The cost per record lost in a data breach was 68% higher in 2011 than it was in 2007 and over a third of data breaches last year were caused by negligent workers.
The latest report from Symantec on the cost of data breaches revealed that breaches cost £79 per record last year, up from £71 in 2010 and 68% higher than £47 per record in 2007.
But despite the increased cost per record, the 2011 UK Annual Study: Cost of a Data Breach found that as a result of improved preparation and responses to data breaches, the overall cost of a data breach to organisations fell from £1.9m in 2010 to £1.75m last year.
Mike Jones, senior product marketing manager at Symantec, said the report shows that companies at risk of data loss are becoming wise to the financial impact of a data breach.
“These businesses are implementing steps not just to prevent loss but to mitigate the damage should a breach occur,” he said. “It’s not just direct costs, such as fines from The Information Commissioner’s Office (ICO), that need to be considered, although these help to drive the business case for preventative measures, but also indirect costs such as brand impact and disappointed customers leaving the brand.”
Over a third (36%) of breaches were caused by negligent employees or contractors, according to the report. “Businesses need to show that they are aware of this and be seen to react in an appropriate way,” said Jones. “They need to take protective measures to proactively monitor the level of control and the access to company data that they give to individual employees and prevent accidental or purposeful misuse.”
While the study found customers are now less likely to stop doing business with an organisation that has a data breach, certain industries, such as financial services or pharmaceutical companies, remain more susceptible to customer churn, causing the cost of their data breaches to be higher than the average.