Australian Companies Face Heavy Losses on Account of Data Breaches
The 2009 Australian Cost of a Data Breach study, carried out by Ponemon Institute of the US on behalf of data encryption specialist PGP, stated that firms suffered financial losses of around AUS$2 Million on average for a single incident, with almost AUS$123 spent to combat every hacked record.
In one of the most expensive incidents, one firm spent almost $4 Million to solve just a single incident.
As per the security experts, botnets and malicious attacks are the main factors behind the data breaches in the country, and cost considerably more than that caused by faults in the IT system or human negligence. Around 44% of all incidents in this study involve a criminal or malicious attack that lead to the theft or loss of personal details.
The cost incurred for each record hacked averaged AUS$156, whereas data breaches on account of negligence and system flaws averaged a cost of AUS$94 and AUS$99 per record respectively.
In addition, 31% of breaches were triggered by external factors, where third parties like professional service providers, vendors, outsourcers, and business partners are held responsible for data security. Furthermore, offshore breaches were also expensive to address.
The report also mentioned that the businesses with the largest number of customer turnover, i.e. financial, media and communications, had the highest average costs per hacked record (AUS$177, AUS$182 and AUS$141 respectively). The businesses with the minimum churn rates, i.e. retail and transportation, followed by the public sector, had the lowest average costs per breached record (AUS$73, AUS$72 and AUS$107 respectively).
The report also reveals that 31% of total cases were on account of a system glitch or stolen/lost laptop or some other type of mobile data-bearing techniques, 25% of data violation cases involved negligence on part of employees. Moreover, 56% of firms examined with an efficient security solution had faced minimum costs of data breach as compared to the less-prepared ones.
Lastly, the report states that firms should take serious action to ensure protection against data breaches. Moreover, the study adds that Australian lawmakers have to pass a law which can make provisions for businesses and govt. agencies to inform customers, employees and other targeted individuals when some private detail is breached because of human error, technological problems or other malicious activities.
Related article: Australian Blogger Uses Spam To Boost Blog
» SPAMfighter News - 21-04-2010