The thing to remember concerning what you hear about data breaches is that you’re hearing only about what gets reported — and plenty of data breaches never get reported.

Even so, the numbers we do have are plenty scary. A study on data breaches — 2010 Annual Study: U.S. Cost of a Data Breach, published last March — conducted for Symantec by the Ponemon Institute tells us that in 2010 (the most recent info we have), the average data breach cost $7.2 million, up from $6.6 million in 2009. 

Data breach costs are rising faster than average for organizations that have never suffered a data breach before (their costs increased 43% in 2010 compared to 2009). Also, according to the study, which Symantec and Ponemon have conducted for several years, in 2010 malicious or criminal attacks became the most expensive cause of data breaches — the cost of a malicious breach jumped 48% over 2009.

The bulk of data breach cost — 63% in 2010 — is a function of lost business. And it’s pretty clear from the numbers that if you invest in breach detection & escalation and after-the-fact response, you’ll lose less business when a breach does occur.