0

 

Symantec and the Ponemon Institute recently released the 2013 Cost of Data Breach Study: Global Analysis which reveals human errors and system problems caused two-thirds of data breaches in 2012 and pushed the global average to $136 per record. Issues included employee mishandling of confidential data, lack of system controls, and violations of industry and government regulations. Heavily regulated fields including healthcare, finance and pharmaceutical incurred breach costs 70 percent higher than other industries.

 

The global cost per compromised customer record was up over the previous year, and the United States total cost per data breach incident was down slightly at $5.4 million. This decline was attributed to the appointment of chief information security officers (CISOs) with enterprise-wide responsibilities, comprehensive incident response plans, and stronger overall security programs

 

“While external attackers and their evolving methods pose a great threat to companies,  the dangers associated with the insider threat can be equally destructive and insidious,” said Larry Ponemon, chairman, Ponemon Institute. “Eight years of research on data breach costs has shown employee behavior to be one of the most pressing issues facing organizations today, up 22 percent since the first survey.”

 

“Given organizations with strong security postures and incident response plans experienced breach costs 20 percent less than others, the importance of a well-coordinated, holistic approach is clear,” said Oseme Osobase, enterprise account manager, Indian Ocean Islands, West, East and Central Africa at Symantec. “Companies must protect their customers’ sensitive information no matter where it resides, be it on a PC, mobile device, corporate network or data center.”

 

The eighth annual global report is based on the actual data breach experiences of 277 companies in nine countries including the United States, United Kingdom, France, Germany, Italy, India, Japan, Australia, and Brazil. The nine country and global summary reports can be found at Symantec website.  All of the data breach incidents studied in the reports occurred in the 2012 calendar year. In order to properly track trend data, the Ponemon Institute does not include “mega data breaches” of more than 100,000 compromised records.

Companies can analyze their own risk by visiting Symantec’s Data Breach Risk Calculator which takes the organization’s size, industry, location and security practices into consideration for both a per record and an organizational estimate.

Additional key findings include:

  • Average cost per data breach varies widely worldwide. Many of these differences are due to the types of threats that organizations face, as well as the data protection laws in the respective countries. Some countries such as Germany, Australia, the United Kingdom and United States, have more established consumer protection laws and regulations to strengthen data privacy and cyber security. United States and Germany continue to incur the most costly data breaches (at an average cost per compromised record of $188 and $199 respectively). These two countries also had the highest total cost per data breach (United States at $5.4 million and Germany at $4.8 million).
  • Mistakes made by people and systems are the main causes of data breach. Together human errors and system problems account for 64 percent of data breaches in the global study, while prior research shows that 62 percent of employees think it is acceptable to transfer corporate data outside the company and the majority never delete the data, leaving it vulnerable to data leaks. This illustrates the large extent to which insiders contribute to data breaches and how costly that loss can be to organizations. Brazilian companies were most likely to experience breaches caused by human error. Companies in India were the most likely to experience a data breach caused by a system glitch or business process failure. System glitches include application failures, inadvertent data dumps, logic errors in data transfer, identity or authentication failures (wrongful access), data recovery failures, and more.
  • Malicious and criminal attacks are the most costly everywhere. Consolidated findings show that malicious or criminal attacks cause 37 percent of data breaches and are the most costly data breach incidents in all nine countries. U.S. and German companies experience the most expensive data breach incidents caused by malicious or criminal attackers at $277 and $214 per compromised records, respectively, while Brazil and India had the least costly data breach at $71 and $46 per record, respectively. German companies were also most likely to experience a malicious or criminal attack, followed by Australia and Japan.
  • Some organizational factors decrease the cost. U.S. and U.K. companies received the greatest reduction in data breach costs by having a strong security posture, incident response plan and CISO appointment. The U.S. and France reduced costs by engaging data breach remediation consultants.

 

Symantec recommends the following best practices to prevent a data breach and reduce costs in the event of one:

  1. Educate employees and train them on how to handle confidential information.
  2. Use data loss prevention technology to find sensitive data and protect it from leaving your organization.
  3. Deploy encryption and strong authentication solutions.
  1. Prepare an incident response plan including proper steps for customer notification.


Kenneth Omeruo
Omeruo Ndukaku Kenneth is an Innovation Management expert,the CEO of Emerging Media,a new media company.He is a member of ISPIM - International Society for Professional Innovation Management and the US-Africa chamber of Commerce.He is the Founder of TechTrends Nigeria Blog,Nigeria Innovation Summit and the African Innovation Academy.Kenneth is a highly sought-after Internet Marketing Consultant who has through his seminars, articles, training and consulting, helped many organizations, Individuals, Businesses maximize the Internet for business purposes.Kenneth has also being featured as a guest on the TV show TODAY ON STV Nigeria and on Bloomberg Africa TV.He is the author of the best –selling Internet Book: How To Create Unlimited Internet Wealth. He is a syndicated columnist with the following Newspapers in Nigeria: Daily Independent, Financial Standard, PUNCH, BusinessDay, and Sun.Kenneth organises the EduNet Conference for Universities in Nigeria. Kenneth is a member of Institute of Software Practitioners of Nigeria( ISPON ) Roundtable For Capacity Development in Nigeria,member pre-selection committee for Nigeria at the UN World Summit Awards,a Panelist for Youth Enterprise With Innovation in Nigeria(YouWIN)-a Federal government initiative created by the ministry of finance,supported by ministries of Communications Technology,Youth Development,Worldbank and DFID. A 2013 Judge at the Google Cloud Developers Challenge for Sub Saharan Africa.He has been a contributing editor of Nigeria Communications Week,Africa Telecom and IT Business Magazine,ICT Today magazine,M2 magazine.Kenneth has been invited to the Commonwealth Telecommunications Organisation Forum, Oracle Open World Conference USA, Oracle Cloud World Dubai, and GITEX Dubai. He now lives in New York with his family and presently working on an Open Innovation project for Nigeria. You can contact Kenneth through email: (kenneth (at)techtrendsng.com) Facebook:www.facebook.com/Kenneth.omeruo On Twitter:www.twitter.com/kennethomeruo Skpe:Kenneth.Omeruo

TradeStable Launches Online Marketplace for Buyers and Sellers in Nigeria

Previous article

Business Sophistication (2)

Next article

You may also like

Comments

Leave a reply

Your email address will not be published. Required fields are marked *

More in Tech Brands