All the latest UK technology news, reviews and analysis
|
|
|
25 Jan 2010
The number of corporate security breaches fell last year, but the cost of each incident is on the up, according to a new study by the Ponemon Institute.
The study of attacks in 15 different industries found that the average per-incident cost of a security breach was $6.75m (£4.16m) in 2009, compared to $6.65m (£4.1m) in 2008.
A separate report from the Identity Theft Resource Center said that the number of successful attacks fell from 657 in 2008 to 498 in 2009.
"In the five years we have conducted this study, we have continued to see an increase in the cost to businesses of a data breach," said Dr Larry Ponemon, chairman and founder of the Ponemon Institute.
"With a variety of threat vectors to contend with, companies must proactively implement policies and technologies that mitigate the risk of facing a costly breach."
The fall in the number of attacks can be attributed to improved security practices, the study found, such as better staff training and awareness programmes. Another factor is the regular use of encryption, which was up 14 per cent to 54 per cent this year.
Nevertheless, the cost of a breach rose from $202 (£125) per compromised customer record in 2008 to $204 (£126) in 2009. Companies are also being hit by higher legal costs as a result of data loss.
The most expensive data breach in this year's study cost nearly $31m (£19m), and the least expensive $750,000 (£464,000).
"Customers are increasingly aware of, and expecting a secure level of protection and privacy for, the data they entrust to businesses," said Phillip Dunkelberger, president of PGP Corporation, which sponsored the study.
"Our study with the Ponemon Institute continues to demonstrate that companies whose data is not protected face expensive direct costs from cleaning up a data breach, and a loss in customer confidence that has long-lasting ramifications.
"A bright spot in this year's report illustrated that companies with chief security officer leadership had a lower cost of remediation following a breach. "
Latest stories from Security
Related articles
Related jobs
Poll
What is the most important IT priority for your company this year?
Connect with V3.co.uk
This paper focuses on a series of best practices and techniques for development teams looking to improve their software development processes
Why good data management at all levels is essential in the modern business (video, 6mins)
IT Security Specialist Move in2 Solutions /Pre-Sales...
SOFTWARE ENGINEER - BERKS - to £34k plus package WAREHOUSE...
We currently have a position for a Senior Project Manager...
JAVA DEVELOPER TRANSPORT MANAGEMENT SYSTEMS / TMS...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Data breaches pose a real threat to organisations
The data from the Ponemon Institute once again serves as a stark reminder of the real world costs of lax data security. Failure to clamp down on data security has real and painful consequences for any organisation, regardless of whether it is a public or private sector body. Data breaches cost jobs, create catastrophic bad press and can have a painful impact on the bottom line. Coupled with the new powers of the Information Commissioner?s Office to fine companies in the UK upwards of £500,000 for each instance of a data protection failing, and the final cost of a breach or loss could very quickly dwarf the £4.1 million ($6.75 million) average per incident revealed in this year?s survey. The financial impact of the breaches examined in this report underline the growing value of data as a business asset. This survey revealed that the most expensive data breach event cost a company nearly £19 million to resolve, the cheapest being £463,000. In the previous survey, these figures were £3.8 million and £84,000 respectively ? a massive jump in just a year. This increase is a likely knock-on effect of two years of reduced headcount and focus around data governance among some organisations. This in turn has lead to information assets being lost, stolen and exploited due to a lack of oversight. Fortunately, as the report shows, investment is increasing as companies look to correct such oversights before they become systemic. In short - If you think the cost of data governance is expensive, look at the overall cost to a business of a data breach.
Posted by: Todd Chambers, chief marketing officer, Courion 26 Jan 2010