March 04, 2009

Cost of a Data Breach

Download the Ponemon Institute report on the cost of a data breach

I mentioned this study in a previous blog post, but now we have the official 2008 Ponemon Institute benchmark study on the cost of a data breach, so please download and read the 31 page PDF. You remember that big number: $6.6 million for the average breach.

Among the study’s key findings:

Total costs continue to increase: The total average costs of a data breach grew to $202 per record compromised, an increase of 2.5% since 2007 ($197 per record) and 11% compared to 2006 ($182 per record). Breaches are costly events for an organization; the average total cost per reporting company was more than $6.6 million per breach (up from $6.3 million in 2007 and $4.7 million in 2006) and ranged from $613,000 to almost $32 million.
Cost of lost business continues to carry the highest impact: The cost of lost business continued to be the most costly effect of a breach averaging $4.59 million or $139 per record compromised. Lost business now accounts for 69%of data breach costs, up from 65% in 2007, compared to 54% in the 2006 study.
Third-party data breaches increase, and cost more: Breaches by third-party organizations such as outsourcers, contractors, consultants, and business partners were reported by 44% of respondents, up from 40% in 2007, up from 29% in 2006 and 21% in 2005.
“First timers” cost more, repeat breaches continue: Data breaches experienced by “first timers” are more expensive than those experienced by organizations that have had previous data breaches. Per-victim cost for a first time data breach is $243 vs. $192 for experienced companies. More than 84% of all cases in this year’s study involved organizations that had more than one major data breach.
Training and awareness programs lead companies’ efforts to prevent future breaches, according to 53% of respondents. 49% are creating additional manual procedures and controls. Of the technology options, 44% of companies have expanded their use of encryption technologies, followed by identity and access management solutions to prevent future data breaches.

Enjoy. Well, be warned. Heed the report’s advice and get your data secured – especially at the Web application level.

by
Erin Swanson
Eswanson@cenzic.com


	Ponemon Institute report on the cost of a data breach
	Read how much it costs for the average data breach
	http://www.cenzic.com/downloads/Ponemon_Study_2008.pdf

Topic Tags: cost of a data breach, data breach

by Erin Swanson

↑top

link to this

Post a Comment

Title:

Summary:

Comment:

Links:

Your info:

Name:		Required; will be displayed with comment.
E-mail:		Required (in case we need to contact you); will NOT be displayed with comment.
Web:		Optional; will use to hyperlink your name in the comment.
Twitter:		Optional; allows visitors to follow you on Twitter.
Save this in my browser

Verification:

Type the characters you see in the picture above.

Letters are case sensitive.

Notice: Your thoughtful opinions are valued and encouraged, but all comments are moderated so there will be a delay between the time you post your comment and when it appears in this site. Please don't be offended if your comment is edited for clarity or to avoid questionable matters. Offensive or off-topic comments will be deleted.