Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
GET RECOGNIZED.
Let an ISACA® certification
elevate your career.

Register today and save
Network Security
24/7/365 Network Uptime!
Average Rating:
Rate this article:  
Cost of Data Breaches Falls 24%, Study Finds
Cost of Data Breaches Falls 24%, Study Finds

By Barry Levine
March 20, 2012 1:46PM

Bookmark and Share
This seventh annual Ponemon Cost of Data Breach Study is based on actual data breach cases from 49 U.S. companies, representing 14 industries. The average per capita cost of a data breach is now $194, down from the last report's $214. Organizationally, costs for a data breach have declined from an average of $7.2 million to $5.5 million.
 


The average organizational cost for data breaches dropped 24 percent from 2010 to 2011, according to a new study by security firm Symantec and the Ponemon Institute, a research organization. The cost of data breaches declined because companies are getting better at managing the costs, such as detection and escalation.

Although notification costs have increased, customer loss following a breach has lessened, as customers are apparently getting used to data loss incidents. Additionally, more data loss prevention technologies are being employed and fewer records are being lost in individual breaches.

'Anywhere at Any Time'

The average per capita cost of a data breach is now $194, down from the last report's $214. Organizationally, costs for a data breach have declined from an average of $7.2 million to $5.5 million.

Other costs in a data breach include outside forensic experts, outsourcing hotline support, and providing free credit monitoring subscriptions or discounts for future products and services, to retain customer loyalty following a breach. There are also indirect costs, such as in-house investigations and communication.

These average costs did not include data from catastrophic breaches involving more than 100,000 records, since they are not typical in the U.S. The report looked at incidents ranging from 4,500 records to about 98,000 records, with the average being 28,349.

This seventh annual Ponemon Cost of Data Breach Study is based on actual data breach cases from 49 U.S. companies, representing 14 industries.

Malicious attacks are about 25 percent more costly than other kinds, but, the study said, organizations with a chief information security officer, or CISO, can reduce the cost of a data breach. A CISO with responsibility for enterprise data protection can help to reduce the average cost of a data breach by as much as $80 per record.

CISO 'Makes Sense'

Larry Ponemon, chairman and founder of the Ponemon Institute, told news media that this correlation between having a CISO and reducing data breach costs was "one of the most interesting findings" in the new report. He noted that it "makes sense that having the proper security leadership in place can help address these challenges."

Aside from employing a CISO, Symantec recommends that best practices should include educating employees on policy and holding them accountable, encrypting laptops, implementing two-factor authentication, and using an integrated security solution that includes proactive threat protection, firewalls and intrusion protection.

While malicious attacks cost the most, negligence is seen as the root cause of data breaches by 39 percent of the organizations surveyed. Malicious attacks are now more than a third of the total reported.

Francis deSouza, group president for Enterprise Products and Services at Symantec, said in a statement that the threat from insiders is heightened by the increasing use of mobile devices, which allow employees "access to corporate information anywhere, at any time."

The Ponemon Institute conducts independent research, educational efforts, and the verification of data protection and privacy practices to advance "responsible information and privacy management practices in business and government."
 

Tell Us What You Think
Comment:

Name:



Salesforce.com is the market and technology leader in Software-as-a-Service. Its award-winning CRM solution helps 82,400 customers worldwide manage and share business information over the Internet. Experience CRM success. Click here for a FREE 30-day trial.


 Network Security
1.   Juniper DDoS for High-IQ Networks
2.   Big DDoS Attacks Hit Record in 2014
3.   U.N.: Nations Hide Digital Snooping
4.   Can Google Stop Zero Day Flaws?
5.   Google Hacker Team to Hunt Bugs


advertisement
Android SMS Worm on the Loose
Malware lets bad actors cash in.
Average Rating:
Big DDoS Attacks Hit Record in 2014
Attackers often use NTP reflection.
Average Rating:
Can Google Stop Zero Day Flaws?
Security top priority for search giant.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Juniper DDoS Solution Aims at High-IQ Networks
In the face of more complex attacks, Juniper Networks is boosting its DDoS Secure solution to help companies mitigate the threats with more effective security intelligence throughout the network fabric.
 
Large-Volume DDoS Attacks Hit Record in 2014
The number of distributed denial-of-service (DDoS) attacks set a record in the first half of 2014, according to a report by Arbor Networks. The number of attacks over 20 GB/sec doubled.
 
U.N.: Nations Hide Rise in Private Digital Snooping
Governments on every continent are hiding an increasing reliance on private companies to snoop on citizens' digital lives, the U.N. human rights office says, with grave concerns about privacy.
 

Enterprise Hardware Spotlight
Contrary to Report, Lenovo's Staying in Small Windows Tablets
Device maker Lenovo has clarified a report that indicated it is getting out of the small Windows tablet business -- as in the ThinkPad 8 and the 8-inch Miix 2. But the firm said it is not exiting that market.
 
Seagate Unveils Networked Drives for Small Businesses
Seagate is out with five new networked attached storage products aimed at small businesses. The drives are for companies with up to 50 workers, and range in capacity from two to 20 terabytes.
 
Another Day, Another Internet of Things Consortium Is Born
In the emerging Internet of Things, zillions of devices will be talking to each other. Samsung, Intel and Dell just formed a consortium to ensure each thing can understand what others are saying.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.