Latest Research Indicates Smaller Data Breaches and Reduced Customer Churn


This has been a very newsworthy week for data breach research. Dr. Larry Ponemon, the Ponemon Institute’s privacy advocate and researcher, released the institute's yearly U.S. Cost of Data Breach Study, which wrapped up the latest statistics for 2011. After six years of less-than-encouraging news, there were a few surprises in this report.

First, the average organizational cost of a data breach declined from $7.2 million to $5.5 million, and the cost per record declined from $214 in 2010 to $194 in 2011, a 9% decline. With new headlines declaring a breach daily, how could this be? Well, it appears that organizations are becoming better at managing the costs incurred as they respond to and resolve a data breach incident. In addition, fewer customers are abandoning companies after a data breach has occurred. It appears that organizations are taking more appropriate steps to keep their customer base loyal and repair damage to their reputation post-breach. Or have customers’ mindsets shifted to believe that data breaches are just a part of doing business, and that their data isn’t secure with any vendor?

Companies report that their data breaches were smaller in scale and resulted in a lower rate of customer churn.

Second, the report indicates “negligent employees and malicious attacks are most often the cause of the data breach.” Employee or contractor negligence is the root cause of 39% of breaches, while 37% of breaches involve a malicious or criminal attack. In addition, malicious attacks are the most costly type of breach, at $222 per record breached.

Third, organizations that employ a CISO (Chief Information Security Officer) with responsibility for data protection see the average cost of a data breach reduced by as much as $80 per compromised record. This research point makes a lot of sense. Organizations with an active CISO who conducts data protection training for employees and advocates the appropriate processes, people and technologies to protect the organization will be much better prepared to handle a breach event.

And finally, the report shows that breach detection and escalation costs have declined in 2011, but the cost to notify victims of the breach increased.  It is believed that the increase in regulatory requirements governing data breach notifications has impacted the notification costs.  Additionally, the report indicates quick notifications and rapid responses can cost organizations $33 more per compromised record.  And, failing to accurately determine the number of affected individuals can result in notifying more people than necessary, leading to higher customer churn.

The report isn’t all doom and gloom this year.  Dr. Ponemon concluded that for the first time, “companies participating in our annual study report that their data breaches were smaller in scale and resulted in a lower rate of churn.”  We see a little light at the end of the tunnel proving that the preventative actions that organizations are putting in place do work.

This entry was posted in Event Log Management.
