BankInfoSecurity has a good summary of findings from the Ponemon Institute's fifth-annual study on the cost of a data breach. See "Data Breach Report: Malicious Attacks Doubled in 2009, Average Cost of a Breach is Now $204 Per Record."

The Ponemon Institute study, which is sponsored by PGP, is an interesting companion to Proofpoint's own annual study on data loss prevention issues (visit this link to download a copy of Proofpoint's latest report on Outbound Email and Data Loss Prevention in Today's Enterprise). Among the top findings from this year's study by Ponemon, which is based on a survey of 45 US enterprises that experienced data breaches during 2009:

• The average organizational cost of a data breach increased by about 2%, from $6.65 million (2008) to $6.75 million (2009). On a per-compromised record basis, the average cost rose from $202 to $204 per compromised record. Ponemon says that the most expensive data breach event including in their latest study cost the organization almost $31 million to resolve.
• More US companies are using technology to prevent and remediate data breaches. Among the related findings: 58% of surveyed organizations expanded their use of encryption technology, 42% increased use of data loss prevention solutions.
• Data breaches caused by malicious attacks and botnets doubled from 2008 to 2009, and those breaches were 40% more costly than breaches involving negligent insiders or system glitches.

There's a lot of other interesting data in the Ponemon report, the full version of which can be downloaded from http://www.encryptionreports.com (note that Proofpoint is not affiliated with that site or the Ponemon Institute).