Data Breaches Breaking the Bank for Businesses
Monday, August 2, 2010
Print Mail Download i

 

Hope you enjoyed that headline alliteration.

But let’s talk cyber crime. In 2010 it’s rare to find someone who has never had their email account hacked (happened to me last month!) or their personal information stolen by cyber thieves. But that’s small time cyber crime compared to what’s happening to businesses around the globe.

According to a new study by Ponemon Institute, an independent research establishment, organizations are getting hit by at least one successful attack per week. Sound like a lot to you? It is. But what’s even more distressing and hard to believe is that the annualized cost to their bottom lines from the attacks ranged from $1 million to $53 million per year.

Pnemon’s first annual “Cost of Cyber Crime” report studied 45 U.S. organizations hit data breaches. It found that the median cost to companies was $3.8 million per year for an attack. Certainly enough for some bottom line blues.

“Information theft was still the highest consequence — the type of information [stolen] ranged from a data breach of people’s [information] to intellectual property and source code,” says Larry Ponemon, CEO of the Ponemon Institute. “We found that detection and discovery are the most expensive [elements].”

The report found that web-borne attacks, malicious code and malicious insiders are the most costly types of attacks, and social security numbers are the most commonly compromised form of data. According to Datalossdb.org, there have been 10 reported data breaches in the past 13 days alone. Let’s take a look at the largest reported breaches in history, courtesy of the aforementioned website:

data breach

According to the Ponemon study, the 45 organizations studied did not have the right tools or technologies in place to prevent such costly breaches (bad risk management to say the least). The leading types of attacks were malware (25%), SQL (24%) and stolen/abused credentials (16%).

Numerous tech companies, such as Cisco and Symantec, offer data loss prevention products and services.

Without data breach technology in place, a company is throwing away their hard-earned dollars. And millions of dollars at that, according to Ponemon.

The above article is reprinted from the Risk Management Monitor - the official blog of Risk Management magazine.

Reprinted with permission from the Risk Management Monitor. Copyright 2010 Risk and Insurance Management Society, Inc. All rights reserved.
Reprinted with permission from the Risk Management Monitor. Copyright 2010 Risk and Insurance Management Society, Inc. All rights reserved.

Current Legal Analysis

More from Risk and Insurance Management Society, Inc. (RIMS)

3 Things Every Organization Should Do to Protect Against Cybercriminals
by: Risk Management Magazine
Proactive Tips for Businesses Facing Hail Damage Claims
by: Risk Management Magazine
Navigating the Supply Chain Crisis
by: Risk Management Magazine
7 Tips to Mitigate the Risks of Summer Staff Parties
by: Risk Management Magazine
How to Manage Supplier Risk and Performance in an Uncertain Global Economy
by: Risk Management Magazine
Five Strategies to Protect Against Ransomware and Other Cyberattacks
by: Risk Management Magazine
Cyberrisk Management Tips for Businesses Amid the Russia-Ukraine War
by: Hilary Tuttle
Detecting and Confronting Procurement Fraud
by: Risk Management Magazine
Should You Revisit Insured Property Value Estimates?
by: Risk Management Magazine
RIMS ERM Conference 2021: Introducing the New RIMS Maturity Model
by: Adam Jacobson

Upcoming Legal Education Events

 

NLR Logo

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up to receive our free e-Newsbulletins

 

Sign Up for e-NewsBulletins