
Reading 2014 Ponemon Cost of Data Breach Study

The Ponemon Institute has issued its ninth annual report, “Cost of Data Breach Study”, an analysis of the economic impact of data breaches.

The Cost of Data Breach Study is sponsored by IBM. Its results show an increase in the average data breach cost per victim: it is now nearly $145 per compromised record, an increase of 9 percent with respect to 2012.

The overall data shows a worrying scenario: the average cost of a data breach increased by about 15% with respect to 2012, reaching $3.5 million. Globally, the leading root cause of data breaches is malicious or criminal attacks, at nearly 42%; 30% of data breaches are related to the actions of a negligent employee or contractor (human factor), and 29% involved system glitches (IT and business process failures).

The study also examines the relationship between the main causes of data breaches and the countries in which they occurred. Countries in the Middle East and Germany suffered more incidents caused by malicious or criminal attacks, data breaches in India were characterized by a system glitch or business process failure, while human error is the primary problem for Brazilian and British environments.

“Malicious attacks are more costly globally. Figure 6 reports the per capita cost of data breach for three root causes of the breach incident on a consolidated basis. These results show data breaches due to malicious or criminal attacks cost companies increased from an average of $157 in last year’s study to $159. This is significantly above the consolidated mean of $145 per compromised record and the per capita cost for breaches caused by system glitch and human factors ($126 and $117, respectively). Last year, system glitches averaged $122 and human error stayed the same at $117.” states the report.

The greatest threats to the organization are malicious code and sustained probes. The Ponemon Cost of Data Breach Study report states that companies suffered an average of 17 malicious codes each month and 12 sustained probes each month.

According to the Ponemon Cost of Data Breach Study report, German and US entities experienced the highest costs, at $195 and $201, respectively. Both countries paid the highest value per compromised record for data breaches caused by malicious and criminal attacks, nearly $246 and $215 per record.

The costs of data breaches differ greatly by sector. Heavily regulated industries such as healthcare, pharmaceutical and financial services had the highest per capita data breach cost ($145).

Let me close this post by mentioning the impact of eight factors on the per capita cost of a data breach. The Ponemon Cost of Data Breach Study confirms that a strong security posture helps organizations to reduce the cost of a data breach ($14 per record). Lost or stolen devices, third-party involvement in the incident, quick notification and engagement of consultants increase the per capita cost of a data breach. For example, if the data breach involved lost or stolen devices, the cost per record could increase to $161.10 ($145 + $16.10).

There is no time to lose; we must stop this trend by adopting an appropriate cyber security strategy.

Pierluigi Paganini

(Security Affairs –  Ponemon, 2014 Cost of Data Breach Study)
