Ponemon Report Shows Sharp Rise in the Cost of Data Breaches
At Infosecurity NY 2006, PGP Corporation, Vontu, and The Ponemon Institute, a privacy and information management research firm, released the 2006 Annual Study: Cost of a Data Breach. This benchmark analysis details the financial impact of data loss incidents on affected companies. Initiated in 2005, the study examines all financial consequences of data breaches involving consumers' personally identifiable information. According to the Privacy Rights Clearinghouse, more than 330 data loss incidents involving more than 93 million individual records have occurred since February 2005.
According to the study's 2006 findings, data breaches cost companies an average of $182 per compromised record, a 31 percent increase over 2005. The Ponemon Institute analyzed 31 different incidents for the study. Total costs for each ranged from less than $1 million to more than $22 million.
The 2006 Cost of a Data Breach Study tracks a wide range of cost factors, including legal, investigative, and administrative expenses, as well as stock performance, customer defections, opportunity loss, reputation management, and costs associated with customer support such as information hotlines and credit monitoring subscriptions.
"The burden companies must bear as a result of a data breach are significant, making a strong case for more strategic investments in preventative measures such as encryption and data loss prevention," said Dr. Larry Ponemon, chairman and founder of The Ponemon Institute. "Tough laws and intense public scrutiny mean the consequences of poor security are steep—and growing steeper for companies entrusted with managing stores of consumer data."
“Once again, the Ponemon survey illuminates the high costs companies will incur for failing to protecting their customers' data,” said Andrew Krcik , vice president of marketing for PGP Corporation. “The report shows companies must spend prodigiously to recover from data breaches. In fact, 72% of respondents indicated that the cause of the data breach was because digital information was not properly protected. In light of these findings, it's not surprising that companies such as PGP Corporation and Vontu are seeing an increasing shift to preventative solutions.”
”The new Ponemon study confirms what we hear every day from our enterprise customers, that they simply cannot afford to allow confidential data loss to continue,” said Steve Roop, vice president of products and marketing, Vontu. “By investing in technology solutions from PGP Corporation and Vontu, companies are able to quickly reduce their risk of data loss by as much as 90 percent.”
A separate report recently issued by Vontu and The Ponemon Institute, U.S. Survey: Confidential Data At Risk , demonstrates that companies do not have adequate controls over the storage of sensitive or confidential data at rest. In that study, 81 percent of respondents reported that their organizations have experienced one or more lost or missing laptop computers that contained sensitive or confidential business information in the past 12-month period.
The 2006 Cost of a Data Breach Study was co-sponsored by PGP Corporation, a global leader in enterprise data security and encryption solutions, and Vontu, the leader in data loss prevention solutions. Copies of the 2006 Cost of a Data Breach Study are available through PGP Corporation , Vontu , and The Ponemon Institute .
Discuss This Article