Breach, Data Security, Incident Response, Malware, TDR

Data breach costs drop for first time in study

Despite 2011 bringing no slowdown to breaches, the price of each incident actually fell.

According to Symantec's annual "Cost of a Data Breach Study," for the first time since the survey began in 2006, the cost fell, from $7.2 million to $5.5 million. Put another way, that worked out to $194 per compromised record, down from $214 in 2010.

Patricia Titus, CISO of Symantec, attributed the drop to organizations having a better handle on how to respond to security incidents. Outfits that conducted a thorough assessment of the breach before notifying victims and ones that had a designated security professional in charge of enterprise data protection tended to pay less per breach.

"It's now becoming business as usual," Titus said in an interview with

The study, conducted by the Ponemon Institute, analyzed 49 breaches, whose losses ranged from 4,500 to 98,000 records. It chose not to examine any of the mega-breaches from 2011 because they are not common and would skew the results.

The incidents' cost took into account a number of factors, including hiring forensic examiners, providing phone support to victims and offering credit monitoring services. Also included were "indirect costs," such as internal man hours devoted to detecting and responding to the breach, in addition to reputational harm and customer churn.

Detection rates declined, which means businesses are doing a better job of determining that a breach happened and locating the source of it, according to the report. However, due to myriad regulations, notification costs rose.

Meanwhile, the study found that fewer customers are turning their backs on companies that sustain data losses. Titus credited this to the availability of consumer tools to prevent ID theft, as well as more of a general acceptance that breaches happen.

"People are becoming more familiar with it," she said. "It's not something new. People are realizing that they if they do a few smart things, there's significantly less chance of [a financial] impact."

The study, which looked at breaches in 14 different sectors, reflected a rise in hacker attacks. It determined that half of the cases were due to a malware infection, while a third were caused by a "criminal insider." Another 28 percent of the breaches involved the theft of a device containing personal information.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.