The cost of a data breach to Australian companies is on the decline, bucking the global trend, according to a study.
The IBM-sponsored Ponemon Institute research - 2016 Cost of Data Breach - found that both the cost per compromised record and the overall cost of a breach to an organisation had decreased.
The total average cost of a breach decreased for the first time: from $2.82 million in 2015 to $2.64 million this year. The per record cost fell for the second year running to $142 after peaking in 2014 at $145.
The study noted that Australian companies were particularly good at retaining customers in the wake of a breach and experienced no increase in 'abnormal churn'. Costs relating to reputational damage and diminished goodwill fell slightly.
Extensive use of encryption, incident response plans, employee training, CISO appointments, business continuity management and threat sharing also helped decrease overall costs.
Although the average number of lost or stolen records had increased slightly among the 26 local companies questioned, businesses had become more efficient at dealing with the fallout of a breach, researchers said.
Detection and escalation costs, including forensics and investigations, audits and crisis team management, decreased slightly from an average of $1.16 million last year to $1.10 million in 2016.
The cost of activities following a breach, such as running help desks, identity protection services and legal expenditure, also fell, as did the cost of notifying affected customers.
Glen Gooding, IBM security business unit executive ANZ, urged caution around the figures.
"Based on what we see overseas, Australia is similarly minded in the way we provide our protective controls, but the actual trends of security attacks take a while to filter down to us," he said.
"When I first got wind of the report I thought, 'Gosh, Australia is in such a great position and we're doing such a great job with our security controls and managing things appropriately that we're actually seeing a decline'. I eat and breathe this for a living and I'm in front of customers and that's certainly not the case based on my own experience."
He added that he'd observed more CISOs being appointed and that incident response was becoming a "most talked about item".
The study showed that a malicious or criminal attack was the most common cause of a data breach, with 46 per cent of companies experiencing an attack of this sort. Negligent employees or contractors were to blame for 27 per cent of incidents, and another 27 per cent were due to system glitches.
Results indicated it took Australian respondents more than five months to detect that an incident had occurred and almost two months to contain it.