The Costs of Data BreachesThe Ponemon Institute has conducted studies assessing the costs of data breaches. There latest one is entitled 2006 Annual Study: Cost of a Data Breach - Understanding Financial Impact, Customer Turnover, and Preventative Solutions.
You can download the complete study at http://www.pgp.com/downloads/research_reports/ponemon.html
Following are highlights of the study, as published by the Ponemon Institute
2006 Cost of a Data Breach
-
Total per-incident costs
including average direct, indirect, and opportunity costs:- $182 per record or $4.8 million per company
- Company costs reported ranged from $226,000 to $22 million
- Total of $148 million in costs across the sample of 31 companies
- Direct incremental costs
for incremental, out-of-pocket, unbudgeted spending for outside legal counsel, mail notification letters, calls to individual customers, increased call center costs, and discounted product offers- $54 per record or $1.4 million per company
- An increase of 8 percent over 2005 results
- Indirect productivity costs
for lost employee productivity:
- $30 per record or $800,000 per company
- An increase of 100 percent over 2005 results
- Customer opportunity costs
covering brand damage, loss of existing customers, and increased difficulty in recruiting new customers:- $98 per record or $2.6 million per company
- An increase of 31 percent over 2005 results
- Free or discounted services: $24 per record
- Notification letters, phone calls, emails, web, media: $13
- Legal defense services & criminal investigations: $7
- Legal, audit, and accounting fees: $4
- Call center expenses: $3
- Public and investor relations: $1
- Internal investigations: $1
Copyright 2004-2008 The Data Governance Institute, LLC. All Rights Reserved
The site is brought to you in partnership with the Business Intelligence Network
