February 10, 2008   Sign In |  About ebizQ |  Contact Us |  Join ebizQ Gold Club
Peter Schooff
Peter Twenty-Four Seven Security
 Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

« Can Spam Be Stopped? | Main | Instant Messaging A Growing Target »

October 31, 2006
Data Breach Costs Skyrocket

As both the quantity and quality of work being transmitted electronically grows exponentially, the cost of each data breach has soared.

An article at Search Security quotes a Ponemon Institute survey which estimates that the costs of such breaches average out at $182 dollars per compromised record, which is a 31% increase over 2005. The total costs ranged from less than $1 million to over $22 million.

Broken down, these costs include printing and postage of notification letters, hiring a law firm to address any legal issues, offering credit monitoring subscriptions to customers, implementing a support hotline and contract call center, as well as factoring in customer defections.

It was calculated that IT had no costs associated with a breach, as those costs tend to be up front, but one would imagine that one expensive data breach would lead a company to desire better data security controls. But Larry Ponemon, founder and chairman of the Institute, said, “A breach may expose a flaw in implementation, or a hole that can be addressed through training, but not necessarily a need for new direct investments.”

The study also revealed a lack of company guidelines for dealing with a data breach. While it was found IT was responsible for 53% of the breaches, no single group was put in charge of responding to a breach.

Finally, as more data is put at risk, and as more companies do business with consultants, outsourcers, and external partners (30% of breaches originated with outside sources), this problem is only going to grow.

What companies need to do is focus on preventing a breach, and have a plan in place and a person in charge if a breach does occur. Said Steve Roop, VP of San Francisco based Vontu Inc., “Technologies need to make end users more aware of security best practices, because employees need to know what the security policies of an organization are and if they are mishandling data.”

Tags:


Tags:

Posted by pschooff in Better Protection |Digg This|Add to del.icio.us

Trackback Pings

TrackBack URL for this entry:
http://www.ebizq.net/mt/mt-tb.cgi/903

Comments Post a comment




Remember Me?

(you may use HTML tags for style)

We ask that you type your code (displayed below) in the text box.This code is an image that cannot be read by a machine. It prevents automated programs from submitting comments.


Code:



Most Recent ebizQ Blog Entries
ADVERTISEMENT
Subscribe
News Feed
Recent Posts
Categories
Archives
Blog Roll
Blogosphere
This Work
Accountability:The opinions expressed in this blog are solely representative of the blog's author, and not of ebizQ
Subscribe to our Newsletters
ebizQ Weekly Gold Club Update
Live Webinar Updates
Updates from ebizQ Partners
ebizQ SOA Update
ebizQ BPM Update
ebizQ Security Update
ebizQ BI Update
ebizQ Open Source Software Update
Virtual Show Newsletter
Your E-mail Address:
BAM: The Killer App for CEP
Date: Feb 12, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Event Processing Market Pulse
Date: Feb 14, 2008
Time: 12:00 PM ET
(17:00 GMT)
I WANT TO ATTEND
Archived Webinars | Upcoming Webinars

Marketing Solutions | Feedback | About ebizQ | Unsubscribe | Privacy Policy | Site Map