Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
Search
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Database
    • IT Management
    • Small Business

    Data Breaches Less Costly with Strong CISO

    By
    Brian Prince
    -
    April 28, 2010
    Share
    Facebook
    Twitter
    Linkedin

      When data breaches occur, strong leadership from the chief information security officer can make a difference in the damage done to your corporate budget, according to new research from the Ponemon Institute.

      In its latest look at data breaches the institute found that in the five countries studied (U.S., U.K., Australia, France and Germany), CISO leadership in the aftermath of a breach slashed the cost per compromised record by an average of 21 percent compared to companies without such leadership. The benefits were highest for companies in Germany and the United States, where costs were reduced 45 and 33 percent, respectively. Despite this finding however, only 40 percent of the breaches in the U.S. and 36 percent of those in Germany were managed by the CISO.

      “Centralizing an organization’s approach to data management and protection usually means following a cohesive strategy instead of an ad hoc approach,” Dr. Larry Ponemon, chairman of the institute, told eWEEK. “Without a single point of accountability you may have vastly different approaches to information security from department to department and no one looking out for the best interests of the company. A good CISO/CSO will understand the company’s mission and be able to marshal available resources to make sure everyone in the organization is working toward that mission with full awareness of relevant laws and regulations, internal policies, and industry best practices.”

      The study, which was commissioned by PGP, took a look at data breaches experienced by businesses around the globe in 2009. According to their findings, breaches in the U.S. last year cost an average of $6.75 million, or $204 per compromised customer record. The overall average across the five countries was $142 per record.

      Countries with data breach notification laws naturally had the highest costs. For example, the U.S. had a cost per record that was roughly 43 percent higher than the global average. Germany, which passed data breach legislation in July 2009 had the second highest cost per record, reaching 25 percent above average.

      “By forcing (breaches) into the public view, there’s a greater likelihood that companies will act in their best interest to take steps to avoid a public event,” Ponemon said. “That means investing in preventative measures, for example. You can be cynical about the reasons, but if a company takes steps to prevent an embarrassing data breach for the sole purpose of avoiding a damaging headline, the resulting increase in security should still be seen as a positive.”

      While the cost of data breaches fluctuates from year to year, one thing has remained the same – employee negligence is the leading cause of data breaches. In the U.S., negligence accounted for 40 percent of the breaches analyzed by the institute. Just under a quarter of the breaches (24 percent) were caused by malicious or criminal attacks.

      “This is a frustrating statistic because it seems that addressing employee negligence would be the easiest, least costly way to make the most significant gains in data protection,” Ponemon said. “Give yourself more time to check in at the airport; don’t leave your PDA in the taxi; don’t plug into an unsecured home network; don’t disable your laptop’s encryption… education and awareness can create a more vigilant, security-conscious culture, yet we see employee negligence remains atop the charts.”

      However, breaches due to negligence tended to be less costly than others, the research found. Malicious attacks did the most damage to corporate pocketbooks, and cost much more in countries without data breach notification laws. For example, malicious attacks in France and Australia cost 121 percent and 61 percent more respectively per compromised record than average. In the U.S. by contrast, the cost per record only went up seven percent.

      The report recommended businesses take a number of steps to reduce the likelihood of data breaches or minimize their impact, including: ensuring portable data-bearing devices are encrypted, vetting and evaluating the security posture of third-parties they share data with and drafting communications that clearly define the root causes of a breach to minimize customer turnover.

      “It doesn’t matter where they’re located, if a company gains a reputation for being careless with confidential data, the brand will suffer,” said Phillip Dunkelberger, CEO of PGP, in a statement. “Data is currency, it needs to be protected. Data breach notification laws mean consumers are informed; more countries around the world are looking to tighten their data protection legislation as they realize lost data means an increase in customer turnover.”

      Avatar
      Brian Prince

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      Chris Preimesberger - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      eWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      Zeus Kerravala - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      Wayne Rash - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Information

      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×