Every year, IBM Security Services sponsors a data breach study conducted by the Ponemon Institute. Despite growing awareness and heightened security measures employed by today’s enterprises, this year’s study reports, as it has year after year, that data breaches continue to grow, both in cost and in the number of consumer records being lost or stolen.
To compile this year’s report, Ponemon conducted interviews with more than 2200 IT, data protection, and compliance professionals from 477 companies that had experienced a data breach over the previous 12 months.
Here are some of the key findings:
As in past years, the study also reports on how quickly an organization can identify and contain data breach incidents in relationship to financial consequences:
For the first time this year, the study also looked into the influence of two new cost factors—security automation and the extensive use of Internet of Things (IoT) devices.
Also for the first time, the study isolated data breaches involving more than one million records, or what they refer to as a mega breach.
Other salient findings from the research include:
An important takeaway from the Ponemon research is that there are many meaningful factors that decrease or increase the per capita cost of a data breach. Factors that decrease cost include, participation in threat sharing, employee training, BCM involvement, cyber analytics, extensive use of encryption, and a well-functioning incident response team.
In contrast, factors that increase the cost of a data breach include, third party involvement, extensive cloud migration, compliance failure, and the extensive use of mobile platforms.
Be safe out there.
To learn more about how ShareVault secures documents in the cloud, click here.
Phillip Bandy is ShareVault’s chief information security officer (CISO) and is responsible for establishing security standards and controls, guiding the implementation of security technologies, and managing the establishment and implementation of security policies and procedures. He is an expert in computer incident response and has implemented computer security controls for NASA’s Mission Control.