Data breaches are not just a line item that can be easily accounted for, the key expense is lost business opportunities and a companies IP.
According to its survey, which was sponsored by PGP, the average cost of a data breach from detection to notification and response was $202 per record in 2008. That’s an increase from $197 per record in 2007.
According to the study, lost business accounted for 69 percent of data breach costs in 2008, up from 65 percent in 2007 and 54 percent in 2006.
Like previous studies, Ponemon reported that most breaches were not due to hackers, but negligence of insiders. Third-party breaches tended to cost $52 more per record, averaging $231.
Once a breach happened, enterprises tended to invest in training and pursue encryption.
Organisations that have had a security breach seem to follow a similar pattern, the first thing they seem to do is they implement manual procedures and training, which makes sense given that so many of these breaches are caused by a negligent insider,” said Larry Ponemon, chairman of the institute. “But from a technology perspective it appears that the most frequently used technology after a breach is encryption and a more holistic and strategic use of encryption seems to be implied by our researcher findings.”
Should you need advice on data security and encryption please contact us on 0845 260 5757 or email us.