Comments: The un-internalised cost of your data breach

a couple of my comments on the matter (from linkedin)
http://www.garlic.com/~lynn/2009b.html#62
http://www.garlic.com/~lynn/2009b.html#63

a related study/report from a couple weeks ago:
New Research Reveals 45% of Card Breach Victims Lose Confidence in Their Financial Accounts
http://sev.prnewswire.com/banking-financial-services/20090120/SF6044320012009-1.html

... and my comments
http://www.garlic.com/~lynn/2009b.html#9

and for a little more topic drift ... recent comments about "mis-aligned" business processes
http://www.garlic.com/~lynn/2009.html#74

Posted by Lynn Wheeler at February 4, 2009 09:58 AM

You got the axes wrong, Ian. They need to be numbered in the exact opposite direction, both of them.

On the substance, it is an interesting article, as usual. Another refreshingly honest way of looking at security.

Posted by Daniel A. Nagy at February 5, 2009 05:29 AM

"darn! you spotted my marketing trick" :)

OK, fixed, THANKS! Of course, some will point out that the user pays always anyways ... but money being about information, Hayekian-wise, it is all about who has to carry the burden and incentive of that information.

Posted by Iang at February 5, 2009 07:54 AM

Cool, but how do we get from here to there?

Posted by Adam at February 5, 2009 10:55 AM

"The Ponemon Institute, which puts out an annual data breach cost report, found that the total average cost of a data breach grew to $197 per compromised record. The costs add up to more than $6.3 million per breach and ranged from $225,000 to almost $35 million. The study factors in the cost of lost business and the investment a merchant makes in security technologies following a breach. The organization plans updated figures later this month.

The Maine data breach report further illustrates the far reaching effects of data breaches and identity crime, said Larry Ponemon, founder and chairman, Ponemon Institute. Ponemon cautioned that the costs listed in the report (which one, Maine or Ponemon?) are only those associated with financial institutions and don't reflect the total costs incurred by Hannaford's, victims, and other organizations."

Posted by Larry Ponemon on the others... at February 10, 2009 08:18 AM
Post a comment









Remember personal info?






Hit Preview to see your comment.
MT::App::Comments=HASH(0x56043d4e1f30) Subroutine MT::Blog::SUPER::site_url redefined at /home/iang/www/fc/cgi-bin/mt/lib/MT/Object.pm line 125.