Cyber attacks are costing Australian businesses an average of $2.8 million according to new research from the Ponemon Institute.
The 2014 Cost of Data Breach Study: Australia, sponsored by IBM, details the affects of data breach on Australian firms and, for the first time, aims to predict the likelihood of a company suffering a breach in the next two years.
Results are taken from costs incurred by 22 Australian companies across 11 different sectors following more than 10 months of work and 170 individual interviews with company members.
The cost of data breaches continues to rise as the report found that for the fifth consecutive year, the cost per lost or stolen record increased by $4 – from $141 per record to $145 – which led to an increase in average cost from $2.72 million in 2013 to $2.8 million.
The report noted the likelihood of each industry suffering a data breach and found that retail and financial services companies are most at-risk.
“Specifically Australian companies in retail and financial services are far more likely to have a breach. In contrast, energy and transportation are least likely to have a breach. In all cases, it is more likely a company will have a breach involving 10,000 or fewer records than a mega breach involving more than 100,000 records.”
Consumers are abandoning companies following a data breach in record levels with average churn rates increased by 5%.
“Certain industries, such as financial and service companies are more susceptible to high customer churn, which causes their data breach costs to be higher than other industries. Taking steps to keep customers loyal and repair any damage to reputation and brand can help reduce the cost of a data breach,” the report said.
This led to a new high in terms of lost business costs per breach as they rose from $760,000 to $850,000 in 2014. These costs come from customer turn-over, reputational losses and diminished goodwill.
The report highlights the need for effective planning for cyber crime attacks as it notes that organisational factors such as a strong security posture, an incident response plan and business continuity management can have a marked effect on costs incurred by the company.
