News Insider Threat

Study: The Aftermath Of A Breach

Kelly Jackson Higgins

See more from Kelly
Connect directly with Kelly: Bio  |  Contact

New Ponemon-Experian study highlights organizations' top priorities following a data breach

Kelly Jackson Higgins January 26, 2012

You've been breached: How do you minimize the fallout? Hiring outside legal help and assessing the damage to victims are the top two priorities, according to a new survey.

The newly released "Aftermath of a Data Breach" report from Experian and the Ponemon Institute surveyed IT security pros about a data breach they felt had the biggest impact on their organizations, both financially and reputationally.

More Security Insights

White Papers
More >>
Reports
More >>
Webcasts
More >>

Just half of the respondents said their organizations had done all they could to shield customer data, and 56 percent said retaining legal counsel was a priority, followed by analyzing the harm to user data (50 percent). Nearly 65 percent of organizations did not offer credit monitoring services to their customers affected by the breach, and 73 percent don't offer credit monitoring or other identity theft tools as part of their business.

Sixty percent of the organizations had not encrypted their customer data that was breached. Nearly 35 percent of the breaches were caused by insider mistakes; 19 percent, via a third-party outsourcer; and 16 percent, via a malicious insider.

Among the stolen data were email (70 percent); credit card and payment data (45 percent); and Social Security numbers (33 percent).

"IT professionals in this study are correct when they say that following the loss or theft of consumer data it is critical for companies to take steps to understand the root cause in order to prevent another breach and protect consumers from future harm," said Larry Ponemon, chairman and founder of Ponemon Institute.

The good news: Following the data breach, 61 percent said their organizations increased their security budgets, and nearly 30 percent expanded their IT staff.

A full copy of the report is available here for download.

Have a comment on this story? Please click "Add Your Comment" below. If you'd like to contact Dark Reading's editors directly, send us a message.

Kelly Jackson Higgins

See more from Kelly
Connect directly with Kelly: Bio  |  Contact

Related Reading

News

Commentary

Most Popular

On the Web

More On the Web»

Slideshow

Dark Reading Discussions

Start the Discussion


InformationWeek encourages readers to engage in spirited, healthy debate, including taking us to task. However, InformationWeek moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. InformationWeek further reserves the right to disable the profile of any commenter participating in said activities.

Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.