The Ponemon Institute also found that organizations that respond to a breach too quickly, sending notifications to customers immediately rather than first conducting a thorough assessment of the data breach, paid on average $33 more per compromised record. Additionally, organizations responding to their first data breach event paid an average of $37 more per compromised record. Data breaches caused by third parties or by lost or stolen devices also increased the average cost of compromised records by $26 and $22, respectively.
Organizations with CISOs Pay Less
Companies prepared to deal with data breaches paid less on average. For instance, organizations with a chief information security officer (CISO) holding overall responsibility for enterprise data protection reduced their costs by as much as $80 per compromised record. Hiring outside consultants to assist with breach response could save as much as $41 per compromised record.
"One of the most interesting findings of the 2011 report was the correlation between an organization having a CISO on its executive team and reduced costs of a data breach," Dr. Ponemon says. "As organizations of all sizes battle an uptick in both internal and external threats, it makes sense that having the proper security leadership in place can help address these challenges."
Dr. Ponemon notes, however, that it is not the existence of an executive with the CISO title that drives down the costs. Rather it is an indicator of a company that takes the threat seriously and has established good governance to mitigate the risk.
The study found that, as in past years, negligent insiders and malicious attacks are the main causes of data breaches. Thirty-nine percent of organizations say negligence was the root cause of data breaches, while malicious or criminal attacks account for 37% of total breaches. Malicious attacks also represent the most costly data breaches.
"This year's report shows that insiders continue to pose a serious threat to the security of their organizations," says Francis deSouza, group president of Enterprise Products and Services at Symantec. "This is particularly true as the increasing adoption of tablets, smart phones and cloud applications in the workplace means that employees are able to access corporate information anywhere, at any time. It is essential for companies to put the proper information protection policies and procedures in place to counterbalance these new realities."
Data Breach Prevention Best Practices
Symantec recommends that organizations follow these best practices:
Assess risks by identifying and classifying confidential information
Educate employees on information protection policies and procedures, then hold them accountable