A third of IT managers report data breaches

COMMENT ON THIS ARTICLE

In a recent survey of 83 corporate IT managers, 28 acknowledged having had to cope with a data breach, and half of those respondents reported significant related costs.

In its report entitled “Calculating the cost of a security breach,” research firm Forrester said half of those polled cited changes to security and auditing processes as a major cost category.

In addition, 43 per cent said the costs of customer notification and loss of business could be counted in the fallout from a data breach, though only 25 per cent feared lawsuits and civil penalties.

In its report, Forrester concluded that the cost of a data breach varies widely, from about US$90 to $305 per customer record, depending whether the breach is “low-profile” or “high-profile” and the company in a non-regulated or highly regulated area, such as banking.

The Forrester report notes this is higher than findings made by the Ponemon Institute and others industry experts that typically cite costs associated with a data breach to be in the $50 range per customer record to cover legal fees, notification costs, increased call centre costs, marketing and public relations expenses.

In counting up costs to cope with a security breach involving sensitive data, Forrester reckons it costs $50 just for the discovery, notification and response that brings in unexpected expenses associated with legal counsel, call centres and mail notification.

Lost employee productivity would range from $20 per customer record to $30, while the “opportunity costs” in lost customers and difficulty in getting new ones would range from $20 for a “low-profile breach” in a non-regulated industry to $100 for a “high-profile breach” in a regulated one.

Regulatory fines could also be incurred in regulated industries to the tune of $25 to $60 per customer record. Credit card replacement costs or civil penalties cost easily add up to $25, Forrester reckons.

Though it may seem hard to estimate a dollar value associated with a data breach, “focus on cost per record versus overall costs,” the Forrester report advises. The IT division should use the estimates simply as a starting point in interacting with the business side in estimating costs.

Quicklink 071076

COMMENT ON THIS ARTICLE

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now