Newsletters
The Enterprise Security Supersite NewsFactor Sites:       NewsFactor.com     Enterprise Security Today     CRM Daily     Business Report     Sci-Tech Today  
   
This ad will display for the next 20 seconds. Click for more information, or
Home Network Security Viruses & Malware Cybercrime Security Solutions More Topics...
Eliminate costly downtime!
Find out how with Free White Paper
& enter to win a Samsung Galaxy Note

www.apc.com
Viruses & Malware
Tame your scariest paperwork. Find Out How
Average Rating:
Rate this article:  
Faster Data Security Response Time Can Be More Costly
Faster Data Security Response Time Can Be More Costly

By Barry Levine
March 8, 2011 9:47AM

Bookmark and Share
Agreeing with the Symantec - Ponemon Institute report, Chris Christensen, an analyst with IDC, said that one would expect the cost of data breaches to rise, "because of an increased regulatory environment and the cost of notification."
 


Responding quickly to data breaches costs enterprises more than a slower response. That's one of the findings of a new study from Symantec and the Ponemon Institute, released Tuesday.

The study, entitled U.S. Cost of a Data Breach, found that costs for data breaches continued to rise for the fifth consecutive year. Average organizational cost climbed seven percent this year to $7.2 million, with an average of $214 per compromised record -- compared to $204 in 2009.

Best Practices

This is the sixth such report, and it's based on responses from 51 companies in the U.S., representing 15 different industry sectors and 51 data breach cases ranging from 4200 to 105,000 affected records. As might be expected, the cost of an incident rose in proportion to the number of records lost.

Francis deSouza, senior vice president of the Enterprise Security Group at Symantec, said in a statement that "companies with information protection best practices in place can greatly lower their potential data breach costs." Symantec's recommended best practices include identifying risks, classifying confidential information, educating employees and holding them accountable, deploying data loss prevention technologies, encrypting laptops, and integrating data protection practices into business processes.

Among the key findings, the study found that a rapid response costs 54 percent more per record than a slower response. Of the surveyed companies, forty-three percent notified victims within one month of the breach discovery, which is seven percent higher than in 2009. But speed has its price, with an average per-record cost of $268 per record, an increase of 11 percent over the previous year. Slower companies' cost was an average of $174 per record, down 11 percent.

The report also found, unsurprisingly, that malicious attacks are rising and are the most expensive, with 31 percent of all cases in that category. This is seven percent over the previous study, and the average $318 cost per record was a whopping 43 percent increase.

Most Common Threat -- Negligence

The most common threat, however, was negligence, representing 41 percent of all cases. The report noted that this trend "reflects the ongoing challenge of ensuring employee and partner compliance with security policies."

But there is some good news in the report. System failure was down nine points to 27 percent. The report said this "indicates organizations may be more conscientious in ensuring their systems can prevent and mitigate breaches through new security technologies and compliance with security policies and regulations."

Training and awareness programs, as well as encryption, are the most popular post-breach fixes.

Chris Christensen, an analyst with IDC, said that one would expect the cost of data breaches to rise, "because of an increased regulatory environment and the cost of notification."

He said that, while there were no major surprises, it was "interesting that companies that did breach notification early spent more." Christensen said the implication is that faster companies had more "redundant activities" in the ensuing rush, such as "notifying more people than needed to be." On the other hand, he noted that "waiting has its own dangers," and the proper timeframe for a response would require study and decisions largely on a case-by-case basis.

The big takeaways from the study, Christensen said, are that enterprises should develop a breach notification plan, test it as they would a disaster recovery plan, and build tools to effectively assess how significant a breach was, who was affected, and what the most efficient notification process might be.

The study was sponsored by Symantec and conducted independently by the Ponemon Institute.
 

Tell Us What You Think
Comment:

Name:



APC has an established a reputation for solid products that virtually pay for themselves upon installation. Who has time to spend worrying about system downtime? APC makes it easy for you to focus on business growth instead of business downtime with reliable data center systems and IT solutions. Learn more here.


 Viruses & Malware
1.   Android 'Fake ID' Puts Millions at Risk
2.   Big DDoS Attacks Hit Record in 2014
3.   Google Hacker Team to Hunt Bugs
4.   Russian Hacker's Charges Revealed
5.   Hackers Target Western Energy Firms


advertisement
Android 'Fake ID' Puts Millions at Risk
Users: stick to apps from Google Play.
Average Rating:
Big DDoS Attacks Hit Record in 2014
Attackers often use NTP reflection.
Average Rating:
Hackers Target Western Energy Firms
Appears to be state-sponsored group.
Average Rating:


advertisement
Product Information and Resources for Technology You Can Use To Boost Your Business

Network Security Spotlight
Canadian Government Charges China With Cyberattack
The government of Canada is not happy with China. Canadian officials have accused "a highly sophisticated Chinese state-sponsored actor" of launching a cyberattack on its National Research Council.
 
Researchers Working To Fix Tor Security Exploit
Developers for the Tor privacy browser are scrambling to fix a bug revealed Monday that researchers say could allow hackers, or government surveillance agencies, to track users online.
 
Wall Street Journal Hacked Again
Hacked again. That’s the story at the Wall Street Journal this week as the newspaper reports that the computer systems housing some of its news graphics were breached. Customers not affected -- yet.
 

Enterprise Hardware Spotlight
Apple Updates MacBook Pros, Cuts Prices Up to $100
The popular MacBook Pro laptop line just got an update and a price cut of as much as $100. The MacBook Pro with Retina display now includes faster processors and double the memory.
 
Dell, BlackBerry Not Sweating Apple-IBM Alliance
IBM's recent move to partner with Apple to sell iPhones and iPads loaded with corporate applications has excited investors in both companies, but two rivals say they are unperturbed for now.
 
Watson Gets His First Customer Service Gig
Since appearing on Jeopardy, IBM's Watson supercomputer has been making a living using his super-intelligent knowledge base for business verticals. Now, Watson's been hired for his first customer service job.
 

Mobile Technology Spotlight
Virgin Mobile Offers Custom Smartphone Plans
As the wireless carrier wars continue heating up, Virgin Mobile just threw the customization coal onto the fire. The firm has debuted a no-annual-contract plan with rates based on individual use.
 
Collaboration Provider Asana Revamps Mobile App
Asana, a collaboration software provider started by a Facebook founder, is now out with a rebuilt native iOS mobile app. It replaces one that even the company admits was not up to par.
 
Android 'Fake ID' Puts Millions of Users at Risk
Having this fake ID is nothing to brag about, even if you are a minor. The “Fake ID” Android flaw drops malware into smartphone apps. It can steal credit card data and even take over your device.
 

Navigation
Enterprise Security Today
Home/Top News | Network Security | Viruses & Malware | Cybercrime | Security Solutions | Mobile Security | Disaster Recovery | Windows Security
Data Security | EST Press Releases
NewsFactor Network Enterprise I.T. Sites
NewsFactor Technology News | Enterprise Security Today | CRM Daily

NewsFactor Business and Innovation Sites
Sci-Tech Today | NewsFactor Business Report

NewsFactor Services
FreeNewsFeed | Free Newsletters

About NewsFactor Network | How To Contact Us | Article Reprints | Careers @ NewsFactor | Services for PR Pros | Top Tech Wire | How To Advertise

Privacy Policy | Terms of Service
© Copyright 2000-2014 NewsFactor Network. All rights reserved. Article rating technology by Blogowogo. Member of Accuserve Ad Network.