Home Cost of a Data Breach Declines For First Time, According to Ponemon

Cost of a Data Breach Declines For First Time, According to Ponemon

For the first time in seven years, both the organizational cost of data breach and the cost per lost or stolen record have declined. The organizational cost has declined from $7.2 million to $5.5 million and the cost per record has declined from $214 to $194. These according to the latest Ponemon study for Symantec that was released today. The study also found organizations which employ a chief information security officer who has enterprise-wide responsibility for data protection can reduce the cost of a data breach by 35 percent per compromised record. That is a decent ROI and good news all around.

The study examined 49 data breach cases with a range of nearly 4,500 to 98,000 affected records, from 14 different industries ranging from finance to retail and transportation. Larry Ponemon has been studying this issue for many years and does extensive interviews with the IT managers at the companies who have had breaches. This year he has extended his range to cover India and Italy along with several other countries too. This is the first time he has seen a decline in the cost for the exploits, which he claims is because organizations have gotten better prepared and are using a variety of protective technologies, such as data loss prevention monitoring equipment. Also helping were faster customer notification systems too: 41% notified their customer victims within a month of what happened.

More than a third of the breaches Ponemon studied were as a result of lost or stolen devices, including laptops or USB thumb drives that contained confidential or sensitive information.

As we wrote about last year, insider threats are still huge and their negligence is still the root cause – and biggest cost — of many breaches.

Symantec has a nifty data breach calculator that is based on more than seven years of trend data here that can be used to gather intelligence for improved security investments.

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.