Ponemon: Data breaches hit U.S. firms hardest

Survey finds U.S. companies suffer more costs per record, spends more to resolve malicious attacks

Data breaches are most expensive in the U.S., Ponemon Institute announced today.

According to Ponemon's 2015 Cost of Data Breach Study: Global Analysis, which surveyed 350 companies from 11 different countries, data breaches have a global average consolidated cost of $3.8 million - a 23 percent increase from 2013.

Also increasing is the consequence of each lost or hacked record with confidential information, Ponemon found. The costs acquired from each lost record went from a consolidated average of $145 to $154, a six percent increase. Ponemon found the U.S. to have the most "costly" breaches, with each record costing an average of $217.

Costs incurred by lost records was found to be the highest in the healthcare sector, which saw the average price up to $363 per record, Ponemon said. Next in line was the education sector with the average cost reaching $300, according to the firm.

Meanwhile, retail saw its average cost per lost record increasing from $105 in Ponemon's 2014 study to $165 in this year's study.

Transportation and the public sector had the cheapest data breach costs at $121 and $68 respectively, Ponemon said.

According to Dr. Larry Ponemon, chairman and founder of Ponemon, there are three reasons why the costs acquired per lost record are increasing.

"First, cyberattacks are increasing both in frequency and the cost it requires to resolve these security incidents," he said in a statement. "Second, the financial consequences of losing customers in the aftermath of a breach are having a greater impact on the cost. Third, more companies are incurring higher costs in their forensic and investigative activities, assessments and crisis team management."

In addition, Ponemon said that 47 percent of breaches studied were the result of malicious or criminal attacks. The research firm said the U.S. spends the most to resolve these kinds of attacks at $240 per record.

Marc van Zadelhoff, VP of strategy at IBM Security, said organization is needed to defend against cybercriminals.

"The growing sophistication and collaboration of cybercriminals ties directly with the historic costs we're seeing for data breaches," he said in a statement. "The industry needs to organize at the same level as hackers to help defend themselves from these continuing attacks. The use of advanced analytics, sharing threat intelligence data and collaborating across the industry will help to even the playing field against attackers while helping mitigate the cost to commerce and society."

Adapted from an article on channelnomics.com