Data-Breach Costs Rising, Study Finds

BobB-nw writes to tell us that a recent study of 43 companies that suffered from data breaches last year showed the total cost of dealing with the breach to have risen to $6.6 million per incident. The cost is about $202 per record compromised for first timers, while the repeat offenders seem to have their mojo down and only suffer about $192 per record. With 88% of all data loss cases for 2008 being traced back to insider negligence it's a wonder that a little upfront money isn't being directed at prevention; guess as soon as they idiot-proof it someone will build a better idiot.

BS

[pondermaster]

"$6.6 million per incident"
Well, that's what they told the insurance company.

At an IT Manager I say this:

[erroneus]

I find the problem has several facets.

1. Nearly everything requires Windows
2. Too many Windows applications want or require administrator privileges
3. Users like little gadget software so much they think they need them
4. Microsoft Internet Explorer (need I say more?)

Malware is ALWAYS an internal network security problem. You can bullet-proof your web site from intrusion all you like but when the threat comes from an internal machine on your network, you're done for. There are lots of ways to address the problem, but none of them make users or executives happy. For much data processing, I'd like to see a return of the green CRT and keyboard. They don't crash (easily) and don't get infected with malware and keyloggers. Sure, they don't tell you what the weather is outside, but this is sensitive/valuable data being processed. We don't WANT those things connected.

User technology culture is out of hand and does not address technical/functional needs.