Data breaches suffered by UK organisations could cost as much as 2 million per incident, a study of real world incidents has discovered.
The average cost per compromised record has increased to 86, up from 79 in 2011. Cost per compromised record was 47 in 2005, according to the Cost of Data Breach Study, carried out by the Ponemon Institute.
More than a third of UK data breaches involve negligent employees or contractors.
The average incident now costs firms 2.04 million each, increasing from 1.75 million last year. The study looked at 38 reported incidents. These ranged in size from 3,500 records breached to just over 70,000 records, with the average incident size being 23,000.
"While external attackers and their evolving methods pose a great threat to companies, the dangers associated with the insider threat can be equally destructive and insidious," said Larry Ponemon, chairman of the research firm. "Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today, up 22% since the first survey."
The study looked at the direct and indirect costs incurred by 277 companies in the US, UK, Germany, France, Australia, Italy, Japan and Brazil after the loss or theft of protected personal data.
The report, commissioned by IT security firm Symantec, found that while negligence is the main cause of data breach, 37 per cent of data breaches involved negligent employees or contractors, while malicious or criminal attacks have grew slightly from 31 to 34 per cent of data breaches, making this the most expensive type of breach at 102 per compromised record.
"With more than a third of UK data breaches involving negligent employees or contractors the human factor' is still the weakest link, and so training and awareness should be a priority from the offset," said Mike Smart, product and solutions manager at Symantec.
"But here in the UK it seems that malicious attacks are becoming nearly as big a problem. Not only have more data breaches been down to malicious attacks, but when it does happen, it is far more costly."
-
Should AI PCs be part of your next hardware refresh?AI PCs are fast becoming a business staple and a surefire way to future-proof your business
-
Westcon-Comstor and Vectra AI launch brace of new channel initiativesNews Westcon-Comstor and Vectra AI have announced the launch of two new channel growth initiatives focused on the managed security service provider (MSSP) space and AWS Marketplace.
-
Capita tells pension provider to 'assume' nearly 500,000 customers' data stolenCapita told the pension provider to “work on the assumption” that data had been stolen
-
Gumtree site code made personal data of users and sellers publicly accessibleNews Anyone could scan the website's HTML code to reveal personal information belonging to users of the popular second-hand classified adverts website
-
Pizza chain exposed 100,000 employees' Social Security numbersNews Former and current staff at California Pizza Kitchen potentially burned by hackers
-
83% of critical infrastructure companies have experienced breaches in the last three yearsNews Survey finds security practices are weak if not non-existent in critical firms
-
Identity Automation launches credential breach monitoring serviceNews New monitoring solution adds to the firm’s flagship RapidIdentity platform
-
Neiman Marcus data breach hits 4.6 million customersNews The breach took place last year, but details have only now come to light
-
Indiana notifies 750,000 after COVID-19 tracing data accessedNews The state is following up to ensure no information was transferred to bad actors
-
Pearson fined $1 million for downplaying severity of 2018 breachNews The SEC found the London-based firm made “misleading statements and omissions” about the intrusion
