The study, which polled 31 organisations that had suffered a recent data breach, reveals they lost $182 per customer record, up from around $140 in 2005, Andrew Krcik, vice president of marketing at PGP, told SC Magazine.com today at the show.
PGP and Vontu sponsored the study.
The average total loss per organisation totaled about USD$4.8 million per breach and ranged between USD$226,000 and USD$22 million, the study revealed. The brunt of the losses was attributable to lost customers, Krcik said. Roughly two percent of customers abandoned the companies following the breaches, he said.
Among the other significant drivers for the cost-per-breach increase were telephone calls made by the organisation to notify victims about the breach, Krcik said. This resulted in both direct cost and lost employee productivity. Many organisations have begun taking this approach, subscribing to the belief that "the personal touch" of a phone call "makes people less upset," he said.
Meanwhile, the study found an alarming trend that could speak to why breaches continue to plague organisations. It revealed that the affected respondents' IT security departments bore none of the data breach costs, compared to marketing (55 percent), customer support (34 percent) and legal, audit and risk management (11 percent).
"It tells you why companies have been slow to put in their preventative measures," Krcik said. "The blow doesn't fall on their heads."
But organisations must realise: "You can buy a lot of prevention for this kind of money (USD$4.8 million average total loss)," he said.
Click here to email Dan Kaplan.
From InfoSecurity NY: Cost of data breaches up nearly a third in past year, study says
By
Dan Kaplan
on
Oct 25, 2006 3:38PM
The cost of data breaches has risen 30 percent over the past year, according to a new Ponemon Institute study released Monday at InfoSecurity NY.
Got a news tip for our journalists? Share it with us anonymously here.
Sponsored Whitepapers
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future

Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection