More businesses and organisations are being hit with the costs of security breaches and data loss than ever before and security firm PGP’s annual report has shown in real terms the financial burdens imposed by typical data loss incidences.
The PGP study has revealed that it costs a business an average of £1.68 million to account for a single incidence of data loss. This can be reduced to a total cost of around £64 for each individual piece of information that is leaked, stolen or left behind.
PGP contracted the Ponemon Institute to carry out the study and it is the first of its kind to actually distinguish private companies from public organisations.
The report proves that the costs of data loss are much greater for privately owned businesses than they are for public sector organisations, with UK enterprises faced with costs of £69 per compromised record, compared with £59 for public bodies.
Further analysis of the figures allows the true impact of data loss to be appreciated in full. The most significant costs resulting from data loss are incurred when a business loses out on future custom because the trust of its clients has been lost. Nearly 50 per cent of the costs can be attributed to this.
PGP’s CEO Phil Dunkelberger said that the figures were not inclusive of penalties imposed by regulatory bodies, although this did not detract from the clearly damaging nature of the average data loss on a business’ finances.
Mr Dunkelberger also said that customer trends would be altered as a result of a typical security breach, causing consumers to rely on cash payments in preference to cards and making it difficult to win new clients.
Despite clearly significant rises in costs, Mr Dunkelberger believes that some businesses are still not prepared to heed warnings as to the dangers of inadequate security.
Analyst Bob Tarzey commented on the report, saying that despite claims to the contrary, more businesses were concerned with the security of their data than ever before. Mr Tarzey said that businesses were not solely looking to protect themselves against the threat of a data security breach, but were interested in ensuring that when the inevitable occurs they are able to recover and continue to grow.