Information World Review (IWR) Blog Information World Review (IWR) Blog A blog from www.iwr.co.uk

« Web 2.0: rubbish name, great idea | Main | Fly the flag and fly it high »

Counting the cost of data loss

Data loss has become a running story over the last few months. Not so much is the question “Has there been a data breach?” more a case of “Who now?” Writes Peter Williams

You wouldn’t accept the catalogue of stolen laptops, mislaid CDs, unopened disks and general lack of care and attention from Kevin the teenager, never mind responsible organisations. One of the inevitable follow up questions is how much does all of this “now what have I done with that?” misplaced data actually cost?

The answer is further embarrassment for those responsible and more exasperation for the shareholders and taxpayers who finally picks up the tab. According to research issued this week (25 February 2008) the average total cost was more than £1.4 million. Perhaps more interesting, the 2007 Annual Study: UK cost of a data breach also revealed that the most significant component of data breach costs was the financial impact of lost business due to reduced consumer trust. The study (the first despite its title), was carried out by the Ponemon Institute and sponsored by PGP Corporation and Symantec Corp and focused on the cost of activities resulting from actual data loss incidents as well as identifying the most frequent causes. Breaches included in the survey ranged from 2,500 records to more than 125,000 records from 21 businesses spanning eight different industry sector. 

The average cost per record lost is £47 lost business leads to 46 per cent of the total cost of a data breach, as a loss of trust leads to higher churn and higher customer acquisition rates, the study found. The rest of the cost is made up from notification (£1 per record), detection (£15) and ex-post activities (£15), which are the costs after the event to help victims watch their credit or the reissuing of account cards, for example.

Lost laptops are the most frequent cause of data breaches (as no doubt as the NHS and MOD could confirm), accounting for 36%. The use of paper records account for 24%, while hackers, malicious insiders and malicious code combined are responsible for12% of such incidents.

The number of reported data lost incidents has risen sharply in the last few years. Perhaps that indicates that organisation are taking these fouls up more seriously but as this study shows more needs to be done to cut the cost and contain the damage.

Posted by dgriffin | February 27, 2008 |

Comments

Post a comment

Links to IWR

Bloggers-in-chief

Daniel Griffin, IWR Deputy Editor Daniel Griffin, IWR Deputy Editor
Daniel joined IWR in 2006 after a career as a publisher of guides, supplements and websites for magazine and event companies. His special interest is the evolving publishing and information industry online.

Peter Williams, IWR Editor Peter Williams, IWR Editor
Peter is in his second spell on IWR. Over the last few years he has developed interest in the fields of knowledge management and e-learning, writing and editing extensively on both topics.

July 2008
Sun Mon Tue Wed Thu Fri Sat
    1 2 3 4 5
6 7 8 9 10 11 12
13 14 15 16 17 18 19
20 21 22 23 24 25 26
27 28 29 30 31    

Recent Posts

Recent Comments

Archives

Categories

Powered by Movable Type
Useful links: About | Privacy policy | Terms & conditions | Top of the page
© Incisive Media Ltd. 2008
Incisive Media Limited, Haymarket House, 28-29 Haymarket, London SW1Y 4RX, is a company registered in the United Kingdom with company registration number 04038503