Einstein famously defined insanity as "doing the same thing over and over again and expecting different results." So why do companies continue to follow the same archaic security strategies while data breaches are at an all-time high?

We decided to take a closer look at this issue and did some research to compare data breach trends with security technology spending. What did we find? Companies continue to invest heavily in network and device security while allocating just 1% of their security budgets toward protecting cyber criminals' top target: data. In fact, a recent Impact Report from 451 Research sums this point up nicely:

"… it's better to focus scarce resources on securing the data itself rather than spending ever-higher sums erecting tighter boundaries around it. The logic is sound: despite the billions of dollars spent each year on perimeter and endpoint security, the bad guys keep finding new ways in, and the data breach parade rolls on without a hiccup."

This interactive infographic shows security spending and data breach trends over the past five years - click an orb to launch a whole year's worth of threats and get a breakdown of how companies invested in security as well as the top breaches and threats for that year.

Number of Data Breaches Per Year

Year Number of Data Breaches 2010 761 2011 855 2012 621 2013 1367 2014 2122

Source: Verizon Data Breach Investigations Report, 2011-2015

Number of Records Exposed by Data Breaches, Per Year

Year Number of Records Exposed 2010 3.8 million 2011 174 million 2012 44 million 2013 822 million 2014 700 million

Source: Verizon Data Breach Investigations Report, 2011-2015; 2013 total from RBS

Top Threat Actions by Year

Year Threat Actions 2010 Physical Tampering, Spyware, Data-exporting Malware 2011 Brute Force, Spyware, Use of Stolen Credentials 2012 Spyware, Backdoor Exploitation, Use of Stolen Credentials 2013 Use of Stolen Credentials, Data-exporting Malware, Phishing 2014 Use of Stolen Credentials, RAM-scaping Malware, Spyware

Source: Verizon Data Breach Investigations Report, 2011-2015

Top 5 Data Breaches by Year, By Records Exposed

Year Data Breach and Number of Records Exposed 2010 ECMC: 3.3 million records JP Morgan Chase: 2.6 million records Betfair: 2.3 million records NYC Health & Hospitals Corp: 1.7 million records Gawker.com: 1.5 million records 2011 Sony Playstation Network: 77 million records Steam: 35 million records Tianya: 28 million records Sony Online Entertainment: 24.6 million records Nexon Korea Corporation: 13.2 million records 2012 Court Ventures: 200 million records Zappos: 24 million records Blizzard: 14 million records Apple: 12.4 million records Greek Government: 9 million records 2013 Target: 70 million records Evernote: 50 million records Living Social: 50 million records Adobe: 36 million records Yahoo Japan: 22 million records 2014 Sony: 100 terabytes eBay: 145 million records JPMC: 76 million records Home Depot: 56 million records Korea Credit Bureau: 27 million records

Source: Information is Beautiful

Annual Security Technology Spending Breakdown

Year Security Spending by Technology Layer 2010 Network Security: $16,190,720,000 (43%)

Database Security: $7,153,400,000 (19%)

Application Security: $5,059,600,000 (14%)

Endpoint Security/Antivirus: $5,059,600,000 (14%)

Identity Management: $3,541,720,000 (9%)

Data Protection: $436,000,000 (1%)

Total Annual Security Technology Spend: $37,441,040,000 2011 Network Security: $17,222,400,000 (39%)

Database Security: $9,301,360,000 (21%)

Application Security: $6,314,880,000 (14%)

Endpoint Security/Antivirus: $6,314,880,000 (14%)

Identity Management: $4,592,640,000 (10%)

Data Protection: $458,000,000 (1%)

Total Annual Security Technology Spend: $44,204,160,000 2012 Network Security: $19,667,200,000 (43%)

Database Security: $9,352,600,000 (20%)

Application Security: $6,760,600,000 (15%)

Endpoint Security/Antivirus: $6,146,000,000 (13%)

Identity Management: $3,687,600,000 (8%)

Data Protection: $481,000,000 (1%)

Total Annual Security Technology Spend: $46,095,000,000 2013 Network Security: $19,771,800,000 (39%)

Database Security: $10,649,020,000 (21%)

Application Security: $7,908,720,000 (16%)

Endpoint Security/Antivirus: 5,931,540,000 (12%)

Identity Management: $5,272,480,000 (11%)

Data Protection: $555,000,000 (1%)

Total Annual Security Technology Spend: $50,088,560,000 2014 Network Security: $20,631,180,000 (37%)

Database Security: $8,587,460,000 (15%)

Application Security: $8,537,040,000 (15%)

Endpoint Security/Antivirus: $9,959,880,000 (18%)

Identity Management: $7,114,200,000 (13%)

Data Protection: $661,000,000 (1%)

Total Annual Security Technology Spend: $55,490,760,000

Sources:

Total Annual Security Spending Figures from Gartner Forecast: Information Security, Worldwide, 2010-2018

By-Layer Security Spending Percentages from Forrester Research, Content Security Predictions: 2011 and Beyond, Content Security: 2012 Budget and Planning Guide, Understand The State Of Network Security: 2012 To 2013, Understand The State Of Data Security And Privacy: 2013 To 2014, Understand The State Of Data Security And Privacy: 2014 To 2015