Select language:    Bookmark and Share  
Home   Buy now   Screenshots   Compare   Download   Support   Partners   Contact
Product Info
Live video demos
Report & Management Live Demo
Editions Comparison
Why MyUSBOnly
Report & Management New!
Version History
Download free trial
See our clients
Buy now
Locate a local reseller
Purchase orders
Volume discounts
Lost registration key
Online manual
Security news
Contact us

Data-breach costs rising, study finds

In its study of 43 companies that suffered a data breach last year, the Ponemon Institute found the total cost of coping with the consequences rose to US$6.6 million per breach, up from $6.3 million in 2007 and $4.7 million in 2006.

The cost per compromised record in 2008 rose 2.5 percent over the year before to $202 per record, according to the study being released Monday.

"Each company is like a case study," said Larry Ponemon, head of the research group, noting that these 43 companies volunteered to participate in the study, which doesn't reveal their names.

But the study, which was sponsored by security vendor PGP, makes some findings about these companies struggling with the fallout of a data-breach incident, which often is publicly reported due to state regulations requiring notification of individuals if their confidential personal data has been lost, stolen or compromised.

"For the majority of our companies, it was not their first time," said Ponemon about the 43 U.S.-based companies in the 2008 data-breach study. "84 percent of the cases were repeat offenders, and only 16 percent were new."

He adds the first-timers found a data breach to be more expensive. According to the study, the first-timers found themselves coughing up $243 per record, while for experienced companies, costs were held down to $192 per victim record.

There are some distinct consequences of a data breach, especially in healthcare and financial services, Ponemon notes. In these two industries more than others, customers notified of a data breach are more likely to discontinue association with companies that failed to secure sensitive data about them.

Despite headlines about lost and stolen data, "What continues to amaze me is that you'd think that people would be indifferent to a data-breach notification, but people continue to care a lot," Ponemon said.

While the average customer "turnover" or "churn" due to a data breach was generally 3.6 percent, in healthcare it was a much higher 6.5 percent and in financial services 5.5 percent. And the cost of a healthcare breach, at $282 per record, was more than twice as high as that of the average retail breach at $131 per record.

In other findings, the Ponemon study said 88 percent of all the cases for 2008 were traced back to insider negligence. The survey also showed that 44 percent of data breaches occurred due to external causes involving third parties, an increase from 40 percent in 2007 and 29 percent in 2006, the Ponemon report states.

A third-party breach is defined as third-party professional services, outsourcers, vendors and business partners that were in possession of the data and responsible for holding it.

Costs for a data breach mount up because of lost business and legal defense, which grew in 2008, while costs of customer support, notification and free services such as credit monitoring decreased, according to the study.

The most-cited steps that companies took following a breach included training and awareness programs more manual procedures and controls expanded use of encryption identity and access-management deployments and data-loss prevention products.

Network World (US)




We offer you a 30-day unconditional money back guarantee! 100% satisfaction or your money back.




Microsoft Windows XP, Server 2003, 2008, Vista, 7, 8, 10, 11 - MyUSBOnly is not a resource-consuming utility.


Home | Pricing | Buy now | Screenshots | Download | Support | Resellers | Affiliates | Pressroom | Contact | About | Sitemap

Copyright © Whatlink Software Limited. 2003-2023. All Rights Reserved. EULA | Privacy Statement