The average cost of an information security breach has almost tripled in the past two years, according to a survey conducted by professional services firm PricewaterhouseCoopers.
The firm revealed the results of its information security breach survey at the InfoSecurity conference in London today. The survey found that an average breach costs the victim organisation £280,000 and £690,000, up from a range of £90,000 to £170,000 in 2008, when the survey was last conducted.
Back then, the report found that data breaches were on the wane. In the intervening years, however, technological developments such as social networking and cloud computing have increased the incidence of breaces: 90% of large businesses questioned said that they had suffered at least one information security incident in the past two years, which included both cyberattacks and accidental data loss.
PwC said that UK organisations had so far been “ill-prepared” to deal with the security threats posed by new technologies, though not for want of trying.
“Almost half the organisations we polled told us they had increased their expenditure on information security in the last year and roughly the same number said they expected to spend more on it next year," said Chris Potter, a partner at PwC’s informtion security practice. “However, this focus is not translating into fewer breaches of security; in fact the number has risen to well over double what it was two years ago and has reached record levels for all sizes of organisation.”
Potter yesterday told the Financial Times that he believed the total cost of cybercrime in the UK had more than doubled since PwC’s last survey in 2008 from "around £3 billion to £5 billion" to "at least £10 billion".