FT : Data Leakage Survey

Wednesday, April 25, 2007

About 60% of companies in the US, UK, Australia, France and Germany have had data leaks in the past year, some of which could have resulted in catastrophic losses of data such as the recent theft of 46m credit card numbers from discount clothing chain TK Maxx.  Only 6% of companies can say with confidence that they have not experienced data leakage problems in the past two years, while three out of five say some data exposure has occurred in the past 12 months, according to a survey by research group Datamonitor and McAfee, a computer security company that makes money from sales of software and hardware to prevent data intrusion. 

Data leakage can range from relatively minor cases, such as an employee leaving a laptop or USB drive unattended in a public place, to a full-scale hacking attack by people outside the company.  However, 33% of companies believe a data leak could potentially put them out of business, according to the survey, which polled some 1,400 large enterprises across the five countries.  The average cost of a data breach was estimated to be $1.86m (€1.37m, £930,000), although many companies said they were unable to track and audit the full extent of losses.  States such as California now require companies to inform their customers when a data leak has taken place, and companies estimated that this notification process alone costs on average $268,000…..About 61% of data leakage is caused by insiders, according to the survey.  Many of these breaches were unintentional – for example, an employee losing a laptop.  Some were intentional but not malicious, such as an employee copying a confidential legal document on to a USB drive to work at home.  However, 23% of data leaks were malicious.  They might be external hacking attacks or employees stealing company secrets.  About 55% of companies polled had disciplined an employee because of a data leak.  In the US, 60% of companies had gone so far as to dismiss staff.  McAfee, the IT security group, said companies needed to start by auditing the confidential information on their systems.

Reference :  http://www.ft.com/cms/s/9c1f34f4-f200-11db-b5b6-000b5df10621.html

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: