We use cookies and other similar technologies (Cookies) to enhance your experience and to provide you with relevant content and ads. By using our website, you are agreeing to the use of Cookies. You can change your settings at any time. Cookie Policy.

Twenty-Four Seven Security

Peter Schooff

Data Breach Costs Skyrocket

Vote 0 Votes

As both the quantity and quality of work being transmitted electronically grows exponentially, the cost of each data breach has soared.

An article at Search Security quotes a Ponemon Institute survey which estimates that the costs of such breaches average out at $182 dollars per compromised record, which is a 31% increase over 2005. The total costs ranged from less than $1 million to over $22 million.

Broken down, these costs include printing and postage of notification letters, hiring a law firm to address any legal issues, offering credit monitoring subscriptions to customers, implementing a support hotline and contract call center, as well as factoring in customer defections.

It was calculated that IT had no costs associated with a breach, as those costs tend to be up front, but one would imagine that one expensive data breach would lead a company to desire better data security controls. But Larry Ponemon, founder and chairman of the Institute, said, “A breach may expose a flaw in implementation, or a hole that can be addressed through training, but not necessarily a need for new direct investments.�

The study also revealed a lack of company guidelines for dealing with a data breach. While it was found IT was responsible for 53% of the breaches, no single group was put in charge of responding to a breach.

Finally, as more data is put at risk, and as more companies do business with consultants, outsourcers, and external partners (30% of breaches originated with outside sources), this problem is only going to grow.

What companies need to do is focus on preventing a breach, and have a plan in place and a person in charge if a breach does occur. Said Steve Roop, VP of San Francisco based Vontu Inc., “Technologies need to make end users more aware of security best practices, because employees need to know what the security policies of an organization are and if they are mishandling data.�


Leave a comment

Peter Schooff's blog is a daily look at what's going on in the world of computer security with an emphasis on how it affects businesses.

Peter Schooff

Peter Schooff is Contributing Editor at ebizQ, and manager of the ebizQ Forum. Contact him at pschooff@techtarget.com

Recently Commented On

Monthly Archives