Cost of data Breach Study (2011)
This Ponemon Institute study examines the costs incurred by 36 UK companies in 11 different industry sectors after those companies experienced the loss or theft of protected personal data and then had to notify breach victims as required by law. Results were not hypothetical responses; they represent real cost estimates for activities resulting from actual data loss incidents.
The number of breached records per incident this year ranged from approximately 3,500 records to more than 78,000 records.
In this the the fifth annual benchmark study concerning the cost of data breach incidents for UK-based companies and which was supported by Symantec, the average per capita cost of a data breach has increased from £71 to £79.
Since the Ponemon Institute began studying this issue, several EU countries have enacted laws requiring the owners of personal information databases to inform affected individuals in the event of a data security breach. In an effort to reduce administrative burdens and the cost of compliance with data protection laws, including data breach notification, Viviane Reding, European Commissioner for Justice, Fundamental Rights and Citizenship, announced the European Commission’s proposal to reform the European Union’s data protection framework. Announced in January 2012, the proposed regulation creates a single set of European rules that would be valid everywhere across the EU. This ongoing activity makes the findings even more interesting and relevant to those working to secure their ICT and Cyber operations