BreachExchange mailing list archives

Previous By Date Next
Previous By Thread Next

One Breach = $1 Million To $53 Million In Damages Per Year, Report Says

From: security curmudgeon <jericho () attrition org>
Date: Tue, 27 Jul 2010 12:47:00 -0500 (CDT)


---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.darkreading.com/database_security/security/attacks/showArticle.jhtml?articleID=226200272

By Kelly Jackson Higgins
DarkReading
July 26, 2010

Organizations are getting hit by at least one successful attack per week, 
and the annualized cost to their bottom lines from the attacks ranged from 
$1 million to $53 million per year, according to a newly published 
benchmark study of 45 U.S. organizations hit by data breaches.

The independent Ponemon Institute's "The First Annual Cost of Cyber Crime 
Study" (PDF), which was sponsored by ArcSight, showed a median cost of 
$3.8 million for an attack per year, a price tag that includes everything 
from detection, investigation, containment, and recovery to any 
post-response operations. "Information theft was still the highest 
consequence -- the type of information [stolen] ranged from a data breach 
of people's [information] to intellectual property and source code," says 
Larry Ponemon, CEO of the Ponemon Institute. "We found that detection and 
discovery are the most expensive [elements]."

And a separate report called "The Leaking Vault" (PDF) released today by 
the Digital Forensics Association found that among the 2,807 publicly 
disclosed data breaches worldwide during the past five years, the cost to 
the victim firms as well as those whose information was exposed came to 
whopping $139 billion.

The Digital Forensics Association report says nearly half of all of the 
reported breaches came from a laptop, which in 95 percent of the cases is 
stolen. But actual hacks accounted for the most stolen records during 2005 
to 2009, with 327 million of the 721.9 million covered in the report, even 
though hacks accounted for only about 16 percent of the data breaches.

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/

Get business, compliance, IT and security staff on the same page with
CREDANT Technologies: The Shortcut Guide to Understanding Data Protection
from Four Critical Perspectives. The eBook begins with considerations
important to executives and business leaders.
http://www.credant.com/campaigns/ebook-chpt-one-web.php
Previous By Date Next
Previous By Thread Next

Current thread: