Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

4/29/2010
11:47 AM
Keith Ferrell
Keith Ferrell
Commentary
50%
50%

Data Breaches More Costly In U.S. Than Elsewhere

Data breaches cost U.S. companies twice as much as they do in other countries, according to a new Ponemon Institute study. Which adds up to twice as many reasons not to get breached!

Data breaches cost U.S. companies twice as much as they do in other countries, according to a new Ponemon Institute study. Which adds up to twice as many reasons not to get breached!The array of regulations, laws and disclosure requirements that come into play when company data is breached have raised the cost of those breaches higher in the U.S. than Europe, a new global study from the Ponemon Institute shows.

According to the study, sponsored by security company PGP. U.S. companies incur costs averaging $204 per compromised record. In Germany, where disclosure and other regulations are being strengthened, the average cost is $177; in the U.K., whose regulations are relatively lax (so far; this will change in the next year or two) the cost is under $100 per record.

Globally, the average cost per record is $143.

As Germany's figures show, the cost of breaches increases along with the reach of legislation and regulation.

How much of an increase? Check this out: Ponemon reports that between 2005 and 2009 the average company cost of a breach incident rose from 4.5 million to 6.65 million.

Stricter regulation, and concerns about being in violation of those regulations following a breach, may lead some companies to over-spend on notifications, alerting all customers of a possible breach, when only a limited number of records were actually compromised.

Not that avoiding notification is any kind of solution. As a Ponemon executive pointed out, bluntly, non-disclosure is "against the law."

The challenge is balancing the degree and speed of notification against the degree of understanding and awareness of the breach's severity, and how that severity affects notification procedures.

The 2009 Cost Of A Data Breach report can be downloaded here (registration required).

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-24259
PUBLISHED: 2021-05-05
The “Elementor Addon Elements� WordPress Plugin before 1.11.2 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24260
PUBLISHED: 2021-05-05
The “Livemesh Addons for Elementor� WordPress Plugin before 6.8 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by lower-privileged users such as contributors, all via a similar method.
CVE-2021-24261
PUBLISHED: 2021-05-05
The “HT Mega – Absolute Addons for Elementor Page Builder� WordPress Plugin before 1.5.7 has several widgets that are vulnerable to stored Cross-Site Scripting (XSS) by ...
CVE-2021-24262
PUBLISHED: 2021-05-05
The “WooLentor – WooCommerce Elementor Addons + Builder� WordPress Plugin before 1.8.6 has a widget that is vulnerable to stored Cross-Site Scripting (XSS) by lower-priv...
CVE-2021-24263
PUBLISHED: 2021-05-05
The “Elementor Addons – PowerPack Addons for Elementor� WordPress Plugin before 2.3.2 for WordPress has several widgets that are vulnerable to stored Cross-Site Scriptin...