We continue to look at highlights from the annual Ponemon Cost of a Data Breach Study, sponsored by Symantec. Be sure to visit Symantec’s Press Release and the download page to get the full report. A couple more highlights are worth mentioning this time around:

• For the first time, malicious or criminal attacks are the most expensive cause of data breaches and not the least common one
• Organizations are more proactively protecting themselves from malicious attacks

Perhaps we would call this some bad news, and some good news. A summary of these points is found on page 5 of the study. In the past, directly malicious or criminal attacks were the least common cause of breach. This is not to say that they were not potent and very damaging, but merely that they were relatively uncommon. Not true anymore. Incidents of direct, malicious attack are on the rise.

Thankfully, this is at least somewhat tempered by some good news: there seems to be an increase in organizations proactively protecting themselves from malicious attack. Clearly, some are “getting it” and starting to take action before the breach, rather than merely reacting after it. Remember, an ounce of prevention is worth a pound of cure.

Don’t forget to dig in and take a look at the study using the links above.