A survey carried out by Kaspersky and B2B International on 5,500 companies in 26 countries highlighted the importance of securing a company's IT infrastructure against accidental or intentional data breaches.

According to gathered data, a security breach usually incurs costs of $551,000 / €485,000 for large enterprises, and $38,000 / €33,500 for SMBs (small-to-medium businesses).

On top of these costs directly involved in recovering from the data breach, companies also reported additional, indirect spending of $69,000 / €61,000 for larger companies, and $8,000 / €7,000 for SMBs.

90% of companies experienced a security breach

All these numbers are quite relevant since 9 out of 10 companies that took part in the survey admitted to a security breach, and 46% of them even said they lost critical and sensitive information.

Direct costs meant hiring IT consultants (69% of the companies), hiring risk management consultants (43%), lawyers and solicitors (37%), physical security consultants (36%), auditors and accountants (35%), management consultants (35%), and PR and corporate image consultants (24%).

Indirect costs referred to spending that came from the failure of third-party suppliers, employees fraud, cyber-espionage actions, network intrusion, hacking, intentional leaks, phishing-caused losses, accidental leaks, mwalre infections, DDOS attacks, and costs inflicted by the presence of software vulnerabilities.

Fear is what motivates companies to invest in preventing data breaches

As the report indicates, companies are taking security breaches much more seriously compared to previous years, and IT professionals and their management are fearing they'll lose temporary access to critical business information the most (50%).

The second most feared result as the aftermath of a data breach is loss of credibility to the company's name (43%), temporarily losing the ability to trade with other companies (38%), the loss of future contracts (30%), and the costs that come with hiring IT professionals to fix and improve their infrastructure (25%).

Kaspersky's study also shows that data breaches rarely make it to the media, only one in five, to be more exact. What's even worse is that only in 44% of the cases affected clients are informed, 36% of the cases affected suppliers are informed, 32% of the cases all the company's customers are told, and only 29% of the cases local authorities and regulators are contacted.

The full Damage Control: The Cost of Security Breaches report can be downloaded from Kaspersky's website.

[FULLIM=2]