Dan Yost Chief Technology Officer of MyLaptopGPS brought attention to the Ponemon Institute, with sponsorship from PGP, has released their “Fifth Annual U.S.
Cost of Data Breach Study.” As usual, the report is a treasure trove of great data (just like most people’s laptops are).
The average cost per breached data record rose $2 in 2009, to $204. That’s actually not too bad. The average cost of a breach was $6.75 million, compared to $6.65 million in 2008.
PC World has a good article to summarize, and thanks to lyger at DataLossDB for the pointer.
Not very many businesses are taking serious note of the fact that, on average, they have $6.75 million laptops walking around out there. For those who are, our hats are off.
Here’s an interesting excerpt:
“Overall, 42% of all cases in the Ponemon data-breach study involved third-party mistakes and flubs. In addition, more than 82% of the cases in the Ponemon study were organizations that had more than one data breach in 2009 involving the loss or theft of
more than 1,000 records containing personal information. At about 40% of the companies that participated in the study, the chief information security officer (CISO) was in charge of managing the response related to the data breach.”
And how about the maximum data breach cost in the study? $31 million.
That’s a rather expensive laptop, and probably worth a few dollars to protect instead. (Note: the breach may actually have been the result of something other than a lost/stolen laptop, such as a network break-in).
The least expensive breach? $750,000. That beats $31 million, but $750k is still a pretty penny to pay, compared to protection.
Many thanks to Ponemon and PGP for another excellent study.