http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=222500222 

By Tim Wilson
DarkReading
Jan 26, 2010

The cost of data breaches continues to rise, and malicious attacks 
accounted for more of them in 2009 than in previous years, according to 
a study published today.

In conjunction with study sponsor PGP Corp., Ponemon Institute today 
released the results of its fifth annual "U.S. Cost of a Data Breach" 
report. The news isn't good, according to the research firm's founder, 
Larry Ponemon.

"Each year, I expect the breach cost figures to decrease, but the 
numbers are still rising," Ponemon says. The 2009 study showed a slight 
increase in the organizational cost of a data breach -- from $6.65 
million to $6.75 million per incident -- and a slight increase in the 
average cost per compromised record, from $202 to $204.

Legal costs showed the greatest increase in 2009, according to the 
study. Fees associated with legal handling of breach-related litigation 
increased by more than 50 percent between 2008 and 2009. "This reflects 
the increasing chances that a breach will result in litigation, which 
we've seen in cases like Heartland [Payment Systems]," Ponemon says. 
Heartland recently agreed to a $60 million settlement related to its 
2008 breach, and some of the plaintiffs are now asking for more.

Malicious attacks also showed a sharp rise in the 2009 report, Ponemon 
observes. In the 2008 report, external attacks accounted for 12 percent 
of all breaches, but this year that figure is approximately 24 percent. 
"What this says is that the seriously deranged criminal is a lot smarter 
than they used to be," Ponemon says. "The attacks are a lot more 
sophisticated now, and the criminals are working with technologies that 
are a lot stealthier."

[...]


________________________________________ 
Did a friend send you this? From now on, be the 
first to find out! Subscribe to InfoSec News 
http://www.infosecnews.org