But even if the lost data is about you or your organisation, you probably didn't hear about it: only 37% of cases were notified to the subjects of the data within a month. At least that's a six percentage point improvement from last year.
The most frequent cause of data breaches was third-party mistakes. Furthermore, the average cost of such breaches was $159 per record compared with $128 for all kinds of breach.
Other relatively expensive types of breach involved criminal attacks and lost or stolen devices.
Symantec recommends the following practices:
Assess risks by identifying and classifying confidential information
Educate employees on information protection policies and procedures, then hold them accountable
Extend these policies to any third parties that manage customer information; conduct regular audits and monitoring
Deploy data loss prevention and endpoint security technologies that enable policy compliance and enforcement
Encrypt mobile devices, including laptops and smartphones, to minimise the consequences of a lost device
Integrate information-protection practices into businesses processes
The study involved interviews with multiple individuals at each of 19 Australian companies that had experienced data breaches. The companies were involved in nine different industries.
The cost figures include expenditure on detection, escalation, notification and after-the-fact response, plus the impact of lost or diminished customer trust as measured by customer churn or turnover rates.