Study: Cost of Data Breaches RisingNovember 30th, 2007 - 4:05 am ICT by admin
According to a study released on Thursday by the Ponemon Institute, a privacy and information management research firm, each customer record lost or compromised in 2007 cost companies $197, compared to $182 in 2006. That represents an increase of more than 8 percent.
This is the third year that the Ponemon Institute has conducted its “U.S. Cost of a Data Breach” survey; the average per-incident cost has climbed each year. The increase between 2005 and 2006 was particularly steep, clocking in at over 40 percent.
The precise number of consumer records compromised by security breaches each year is difficult to determine. However a running estimate compiled by the Privacy Rights Clearinghouse lists incidents in which at least 216 million customers have had their data security compromised. On the basis of that figure, lost and compromised data is costing U.S. businesses tens of billions of dollars each year.
“And keep in mind,” said Beth Givens, the director of the Privacy Rights Clearinghouse (PRC), in a telephone interview, “in many cases the number of people affected is unknown. So that figure (216 million) is very conservative. The real total could easily be twice as high.”
The Ponemon Institute reported that the total per-incident cost increased more than 30 percent, from $4.8 million to $6.3 million, and that nearly two-thirds of the cost in each incident was lost business opportunities from disgruntled customers.
Dr. Larry Ponemon, chairman and founder of the Ponemon Institute, said in a statement announcing the study results that corporate data security remains a persistent problem. “The data from 2007 suggests that although companies are responding to data breaches more efficiently,” Ponemon noted, “consumers seem to be less forgiving when their personal information is compromised.”
Part of their impatience might stem from the fact that companies share private information too easily or without sufficient safeguards….
Tags: beth givens, billions, breach, business opportunities, corporate data, customer record, data security, disgruntled, dr larry, impatience, incidents, information management research, persistent problem, prc, precise number, privacy rights clearinghouse, security breaches, steep, telephone interview