Having trouble convincing the boss to spend on Security and Privacy protection? Read on…
The Poneman Institute, considered the pre-eminent research center dedicated to privacy, data protection and information security policy, released its 2009 Ponemon Institute “Cost of a Data Breach” Study on January 29, 2010.
In the report, they published the results of their fifth annual study on the costs of data breaches for U.S.-based companies. They surveyed 45 companies represnting 15 various industry sectors–significant contributors were financial, retail, services and healthcare companies.
Numbers-wise, the companies they interviewed lost between 5,000 and 101,000 records, at a cost range between $750,000 and $31 million.
What was really interesting was that the average per-record cost of the loss was determined to be $204.00–and how many records does your law enforcement/public safety agency hold?
Some factors they considered in computing the cost of the breach included:
- Direct costs – communications costs, investigations and forensics costs and legal costs
- Indirect costs – lost business, public relations, and new customer acquisition costs
The report also lists a number of causes for the data breaches, such as:
- 82% of all breaches involved organizations that had experienced more than one data breach
- 42% of all breaches studied involved errors made by a third party
- 36% of all breaches studied involved lost, misplaced or stolen laptops or other mobile computing devices
- 24% of all breaches studied involved some sort of criminal or other malicious attack or act (as opposed to mere negligence).
You can download the full report here: http://www.encryptionreports.com/download/Ponemon_COB_2009_US.pdf
Thoughts and comments welcomed…r/Chuck