The findings of the “2010 Annual Study: U.S. Cost of Data Breach” have been released by Symantec Corp., and the Ponemon Institute. These findings reveal that data breaches have grown more costly for the fifth year in a row, indicating that more needs to be done to protect information.

According to this study, the average organizational cost of a data breach increased to $7.2 million, costing companies an average of $214 per compromised record. This figure is significantly higher than the $204 average in 2009.The study, which drew on data breach experiences of 51 U.S. companies from 15 different industry sectors, also determined that for the second straight year, the associated costs were driven higher by organizations’ need to respond rapidly to data breaches.

Key findings from the study indicate that rapid responses to data breaches is costing companies 54 percent more per record than companies that moved more slowly. The study also determined that malicious or criminal attacks are considered to be the most expensive and are on the rise.

Negligence remains the most common threat, and companies are more vigilant about preventing system failures. As data breach costs continue to rise, encryption and other technologies are gaining ground as post-breach remedies, while training and awareness programs remain the most popular.

"Securing information continues to challenge organizations at all levels, but the vast majority of these breaches are preventable," said Francis deSouza, senior vice president, Enterprise Security Group, Symantec, in a statement. "Organizations must not only protect the data itself wherever it is stored or used, but also create a culture of security including training, policies and actions. The results of this study show that companies with information protection best practices in place can greatly lower their potential data breach costs."

Symantec offers a few recommendations that organizations can implement to protect their data, whether they have already suffered a breach or not:

·         Identify and classify confidential information to assess risks;

·         Educate employees on information protection policies and procedures and then hold them accountable;

·         Deploy data loss prevention technologies to enable policy compliance and enforcement

·         Proactively encrypt laptops to minimize consequences of lost devices;

·         Integrate information protections practices into business processes.

"We continue to see an increase in the costs to businesses suffering a data breach," said Dr. Larry Ponemon, chairman and founder of the Ponemon Institute. "Regulators are cracking down to ensure organizations implement required data security controls or face harsher penalties. Confronted with both malicious and non-malicious threats from inside and outside the organization, companies must proactively implement policies and technologies to mitigate the risk of costly breaches."

Sponsored by Symantec and independently conducted by the Ponemon Institute, the study takes into account a wide range of business costs, including expense outlays for detections, escalation, notification and after-the-fact response. This study also analyzes the current economic impact of the loss of diminished customer trust and confidence measured according to customer churn or rates of turnover.