Posted by Kevin on September 21, 2014.
I always find this sort of statement totally absurd.
The average for which companies?
The average of which breaches?
Over what period of time?
What costs are included?
My guess is that the average statistician could justify any average figure you want. But of course the higher it is, the more likely you are to spend more money on the security products of the companies that create such figures.