25 Mar 2010, Sharon Brennan, V3
Over three-quarters of UK C-level executives have suffered a data breach at their company, and all have reported attempted attacks on their data in the past 12 months, according to new research from IBM.
The Business Case for Data Protection study, carried out by The Ponemon Institute, asked UK executives to consider the value of data security to their business.
The average cost of each data breach was estimated at £112 per compromised record, and the average cost savings or revenue improvements resulting from data protection programmes totalled £11m.
These costs come in much higher than those reported in a study by software encryption firm PGP in January, which found that the average cost of a UK data breach rose seven per cent over the past year to £64 per lost record.
Just 18 per cent of chief executives are 'very confident' that their organisation will not suffer a data breach within the coming year, but a reassuring 81 per cent said that investing in a security strategy can greatly reduce or mitigate the risk of data loss or theft.
"Once viewed as purely a technical issue, the responses garnered in our survey highlight a shift in how organisations treat their investments in security software," said Larry Ponemon, chairman and founder of The Ponemon Institute.
"Today, C-level executives believe that the cost savings from investing in a data protection programme is substantially higher than the estimated value of recovering from a breach."
Additional results show that 76 per cent of respondents feel that reducing potential security flaws within business-critical applications is the most important aspect of a data protection programme.
"The results underscore the increased understanding among business leaders around the importance of addressing security defects at the earliest stages possible, before they become too costly to fix and cause irreversible harm and damage to the business," said Daniel Sabbah, general manager of IBM Rational.
Do you agree?
Data breaches have a real cost to organisations
The data from the Ponemon Institute once again serves as a stark reminder of the real world costs of lax data security.
Failure to clamp down on data security has real and painful consequences for any organisation, regardless of whether it is a public or private sector body. Data breaches cost jobs, create catastrophic bad press and can have a painful impact on the bottom line.
Coupled with the new powers of the Information Commissioner's Office to fine companies in the UK upwards of £500,000 for each instance of a data protection failing, and the final overall cost of a breach or loss could very quickly dwarf the £4.1 million ($6.75 million) average per incident revealed by the Ponemon Institute earlier this year.
The financial impact of the breaches examined in this report underlines the growing value of data as a business asset. The Ponemon Institute revealed that the most expensive data breach event in the last year cost a company nearly £19 million to resolve, the cheapest being £463,000. In the previous survey, these figures were £3.8 million and £84,000 respectively – a massive jump in just a year.
This increase is a likely knock-on effect of two years of reduced headcount and focus around data governance among some organisations. This in turn has led to information assets being lost, stolen and exploited due to a lack of oversight.
Fortunately, as the report shows, investment is increasing as companies look to correct such oversights before they become systemic.
Posted by Stuart Hodkinson, UK general manager, Courion, 26 Mar 2010