LISTSERV - RECMGMT-L Archives - LISTSERV.IGGURU.US

RECMGMT-L Archives

Records Management

RECMGMT-L@LISTSERV.IGGURU.US

	LISTSERV Archives
	RECMGMT-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Forum View Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: RAINdrip: Data breaches cost real $$
From:	David Gaynon <[log in to unmask]>
Reply To:	Records Management Program <[log in to unmask]>
Date:	Thu, 11 Mar 2010 08:24:31 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (41 lines)

 Larry

You might be interested that the referenced study may be viewed at http://www.ponemon.org/local/upload/fckjail/generalcontent/18/file/2008-2009%20US%20Cost%20of%20Data%20Breach%20Report%20Final.pdf

You should note that the authors indicate that it is not based upon a statistical sample  but is intended to be descriptive of industry practice and experience.  The study specifically excludes breaches due to missing or stolen employee records as well as "catastrophic breaches" defined by a loss greater than 150,000 records.  The study was based on a survey sent to 110 organizations all known to have experienced a data breach or theft of customer or consumer data over the past 12 months.  43 companies elected to participate.

So in terms of the average costs it is useful to remember that the averages do not include any organizations with zero breaches and zero corresponding costs whether or not they had a designated CISO.

Regards,

David B. Gaynon
[log in to unmask]
Huntington Beach CA, USA


-----Original Message-----
From: Records Management Program [mailto:[log in to unmask]] On Behalf Of Larry Medina
Sent: Thursday, March 11, 2010 7:45 AM
To: [log in to unmask]
Subject: RAINdrip: Data breaches cost real $$

Yeah, no surprise here... http://bit.ly/bV09Pq

Interesting stat here though: 

"...companies that have a Chief Information Security Officer (CISO) or equivalent high-level security/privacy leader in place who manages data security breach incidents experienced a 50% less per cost of compromised record than companies that do not have such leadership."


Larry
[log in to unmask]
[Yes, it's really me =) ]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

List archives at http://lists.ufl.edu/archives/recmgmt-l.html
Contact [log in to unmask] for assistance
To unsubscribe from this list, click the below link. If not already present, place UNSUBSCRIBE RECMGMT-L or UNSUB RECMGMT-L in the body of the message.
mailto:[log in to unmask]

ATOM RSS1 RSS2

LISTSERV.IGGURU.US