Time to Tighten Internal Security Policies Further

While incidents like the Zappos breach are still fresh in mind, the recently published annual ‘Cost of Data Breach Report’ by the Ponemon Institute has uncovered many interesting facts.

This is the seventh annual report by the Ponemon Institute, which is sponsored by Symantec. The report is based on the analysis and quantification of the financial impact on an organization, following incidents of data breach.

The Institute conducted its study by observing the data security measures of 49 different companies in the United Kingdom, United States, France, Germany, Australia, Italy and India. During the study that continued over nine months in 2011, the Institute interviewed more than 400 individuals from the companies.

After a data breach, the cost of the compromised data accounts for the major portion of the financial loss, which is why the Institute's study focuses on this aspect. Here, the Institute found that, for the first time, the overall cost of lost or compromised data following a breach has declined.

According to the study, in 2011 data breaches cost organizations an average of $194 per compromised record, of which as much as $135 is due to indirect costs. By comparison, last year the average cost per compromised record was $214, including an average indirect cost of $141. However, the communication industry is an exception: as in every other year, data breaches there were very costly this year, with a whopping average of $334 per capita.

But the drop in the average per capita cost is a good sign. The Ponemon study cites one interesting factor that is responsible for this drop: in the current year, fewer records have been stolen or lost, which has directly impacted the figures. According to the report, it is also noteworthy that, in spite of the data breaches, only a few customers abandoned those companies in 2011 in comparison to previous years.

Along with this good point, the Institute has also found some eye-opening facts about data breaches. The study report says that for institutional data loss, the biggest threat is still internal conspiracy. Though 39 percent of the organizations agreed that negligence is the root cause behind data breaches, around 37 percent said that malicious attacks are the main factor. Around 33 percent of respondents even said that data theft by malicious employees is the biggest threat. In this context, the study report states that around 51.2 percent of the threats come from inside the organizations.

Data breaches have been the most talked-about news for over a couple of years now. Though many organizations have already experienced serious breaches, it is good to know that the industry has started implementing security measures and that the average per capita loss from data breaches has come down. Still, as the study report noted, many areas need attention; in particular, internal data safety and monitoring policies must be tightened in order to avoid breaches from inside organizations.
