LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: Records management insurance
From:	Frederic Grevin <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Wed, 17 Sep 2014 19:43:51 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (38 lines)

Ralph Better asked "Can you please provide a source for this?" (referring to my statement "I have read that the current (2014) cost of data breach notification (and remediation) is about $45.00 per person").

No, I can't. It may have been posted onto this listserv, or been included in an article in a publication. That's why I worded my statement so cautiously.

So I did a quick search for "cost of data breach notification". Here are some of the results, starting with those that give a US dollar amount.

Ponemon Institute "Ponemon Study Shows the Cost of a Data Breach Continues to Increase" (http://www.ponemon.org/news-2/23) "... data breach incidents cost U.S. companies $204 per compromised customer record in 2009, compared to $202 in 2008."  (January 2014)

Zurich General Insurance "Data Breach Cost. Risks, costs and mitigation strategies for data breaches" (2012) (http://www.zurichna.com/internet/zna/sitecollectiondocuments/en/products/securityandprivacy/data%20breach%20costs%20wp%20part%201%20(risks,%20costs%20and%20mitigation%20strategies).pdf) "According to the 2010 Ponemon report on data breach costs, companies that responded with quick notification ended up paying an average of $268 per record compared to the average of $174 per record by companies that took the appropriate time to analyze the event."

Kroll Cyber Security (http://www.krollcybersecurity.com/resources/data-security-resources/data-security-statistics.aspx) "Data Security Statistics" (nd):
"In 2010, the estimated cost of a general data breach was $214 per compromised record, up $10 (5 percent) from 2009."
"The estimated cost of a data breach caused by negligence is $196 per record, an increase of 27 percent from 2009."
"The estimated cost of a data breach caused by a third-party service provider is $302 per record, 41.1 percent more per compromised record than a general data breach."
"The estimated cost of a data breach involving lost or stolen laptop computers or other mobile data-bearing devices is $258 per record, 20.5 percent more per compromised record than a general data breach."
"Organizations experiencing a first breach pay the highest breach costs. In 2010, the cost per compromised record of an organization’s first data breach averaged $326 (up $98 or 43 percent from 2009 data)."

Other sources of information include:

Property Casualty 360° "The Status of Data Breach Notification Laws in the United States", May 23, 2014 (http://www.propertycasualty360.com/2014/05/23/the-status-of-data-breach-notification-laws-in-the?page=3&page_all=1) 

The Metropolitan Corporate Counsel. "The Cost Of A Data Breach: The Health Care Perspective", Monday, November 18, 2013. http://www.metrocorpcounsel.com/articles/26260/cost-data-breach-health-care-perspective 


Fred
------------------------------------------------------------------------------------
Frederic J. Grevin
Vice-President, Records Management
New York City Economic Development Corporation
www.nycedc.com 
[log in to unmask] 
212-312-3903 (w)

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US