By Tim Wilson
Jan 26, 2010
The cost of data breaches continues to rise, and malicious attacks
accounted for more of them in 2009 than in previous years, according to
a study published today.
In conjunction with study sponsor PGP Corp., Ponemon Institute today
released the results of its fifth annual "U.S. Cost of a Data Breach"
report. The news isn't good, according to the research firm's founder,
"Each year, I expect the breach cost figures to decrease, but the
numbers are still rising," Ponemon says. The 2009 study showed a slight
increase in the organizational cost of a data breach -- from $6.65
million to $6.75 million per incident -- and a slight increase in the
average cost per compromised record, from $202 to $204.
Legal costs showed the greatest increase in 2009, according to the
study. Fees associated with legal handling of breach-related litigation
increased by more than 50 percent between 2008 and 2009. "This reflects
the increasing chances that a breach will result in litigation, which
we've seen in cases like Heartland [Payment Systems]," Ponemon says.
Heartland recently agreed to a $60 million settlement related to its
2008 breach, and some of the plaintiffs are now asking for more.
Malicious attacks also showed a sharp rise in the 2009 report, Ponemon
observes. In the 2008 report, external attacks accounted for 12 percent
of all breaches, but this year that figure is approximately 24 percent.
"What this says is that the seriously deranged criminal is a lot smarter
than they used to be," Ponemon says. "The attacks are a lot more
sophisticated now, and the criminals are working with technologies that
are a lot stealthier."
Did a friend send you this? From now on, be the
first to find out! Subscribe to InfoSec News