The average cost of a data breach to Australian organisations soared $2.16 million in 2011, warn Symantec.
 Telstra suffered a high profile data breach last year. |
“Malicious or criminal attacks” were the top data breaches (36%) Australian business experienced and the most expensive last year, costing a massive $183 per record lost.
The average cost to an organisation from data breaches was a whopping $2.16 million.
Costs of lost or stolen data also jumped $10 to $138 (per record) in 2011 and affected 36% of all org’s, while other causes of data breaches were “individual negligence and system glitches” – each accounting for 32% of local breach incidents, compared to 39% in the US.
Many data breaches involved mistakes by third parties including outsourcers, cloud providers and business partners, according to Symantec study which quizzed 22 Oz companies from ten different industries.
This comes as several high profile data breaches occured in the last year including Telstra, which the Privacy Commissioner is still investigating, which saw close to one million Big Pond customers details available freely online.
Read: Telstra Under Scrutiny By Privacy Watchdog
“The large volume of data breach incidents occurring over the last year has put data breaches high on the agenda for Australian executives,” said Craig Scroggie, Symantec vice president and MD, Pacific.
Businesses need to focus on policies and technologies that improve their ability to prevent and detect data breaches and take steps to repair any reputational damage after a data breach has occurred, which can significantly reduce asociated costs.
Costs relating to reputational damage, diminished goodwill and increased customer acquisition activities also increased sharply last year, the study also found, and rose by 22% to to $840,000.
While countries including the US are experiencing a decrease in the cost of a data breach, Australia’s costs continue to rise, Scroggie warned.
“Australian businesses continue to focus their efforts on mitigating the damage once a breach has occurred, rather than prevention.
“Many data breach incidents still go unreported in Australia, leaving customers unaware that their personal information has been compromised and organisations to improve their ability to respond to data breaches,” he added.
But the good news for companies is “for the first time, fewer customers are abandoning companies that have a data breach.
However, industries including technology and communications are more susceptible to customer churn, meaning more breaches by Telstra and co could push users away from their services.
Symantec recommends best practices to prevent data breaches:
1. Assess risks by identifying and classifying confidential information
2. Educate employees on information protection policies and procedures, then hold them accountable
3. Extend these policies to any third parties that manage customer information; conduct regular audits and monitoring
- Deploy data loss prevention and endpoint security technologies that enable policy compliance and enforcement
5. Encrypt mobile devices, including laptops and smartphones, to minimise the consequences of a lost device
6. Integrate information-protection practices into businesses processes Symantec Cost of Data Breach Study quizzed 22 Australian companies from ten different industries.
