Channel Insider content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

More than 85 percent of organizations in a recent study reported they had experienced a data-breach event—a statistic that represents great pain for businesses that are victims of such breaches, many of which could have been avoided.

But the study also points to the tremendous opportunity for VARs to act as security experts in a largely untapped market, by knowing the regulations and offering advice and assistance on the most practical solutions to fix data vulnerabilities.

That’s one of the conclusions of Robert Scott, managing partner of Scott and Scott, a Dallas-based international law firm and technology services firm that commissioned the study.

“The whole IT compliance area around a number of different regulatory requirements is growing exponentially,” said Scott. “We’ve never seen an explosion of regulations like this and IT has not historically been subject to a great deal of regulation.”

The study, conducted by the information management research firm Ponemon Institute, found that 46 percent of businesses failed to implement encryption solutions even after suffering a data breach.

Attend Ziff Davis Media’s Managed Services Virtual Tradeshow without leaving the office. Click here to register.

The study also found that organizations reporting such breaches incurred costs across the board—75 percent lost customers, 59 percent faced potential litigation, 33 percent faced potential fines and 32 percent experienced a decline in share value.

Nearly half the reported breaches were attributed to lost or stolen equipment such as laptops, PDAs and USB memory sticks.

Yet in spite of the frequency of data breaches and the losses associated with such events, 42 percent of those responding said that their organization’s IT security spending would stay the same in the coming year.

“Despite the negative repercussions in terms of cost outlays and reputation diminishment, many companies that experience a breach do not take appropriate steps to prevent future incidents,” said Larry Ponemon, founder and chairman of the Ponemon Institute, in a statement.

“However, I’m most surprised that IT security solutions such as encryption and authorization technology are not being deployed by most companies today.”

But the widespread nature of the problem of data breaches represents a huge opportunity for VARs, according to Scott.

“I think this is where VARs are going to come in and play huge roles,” he said.