Saturday, January 07, 2006
Price of Security Breaches...
By Mark Hall at ComputerWorld
...reaches nearly $14 million per incident. That's according to a study conducted by Ponemon Institute LLC for PGP Corp., a security software vendor in Palo Alto, Calif. Just another vendor-sponsored report slanted to back up breathless marketing claims? Perhaps. But Larry Ponemon, chairman of his namesake institute, got a firsthand look at 14 companies that made the news this year for losing customer data. Ponemon did individual audits to learn the direct costs borne by the affected companies (such as attorneys' fees and the cost of mailings and calls to affected customers), plus indirect expenses like lost productivity and opportunity costs (such as the long-term revenue hit from customers taking their business elsewhere). Andrew Krcik, PGP's marketing vice president, says he understands that people may quibble about the details of the indirect expenses, but he adds that the $69.8 million in direct costs paid by the 14 surveyed companies ought to be a wake-up call. As a marketer, Krcik thinks the most worrisome finding from the study was that the participating companies lost 2.6% of their customers on average after suffering data breaches. "Do you know how expensive it is to acquire new customers?" he asks. "A lot."