[ISN] Data breach costs decline, malicious attacks increase in US

http://healthitsecurity.com/2013/06/14/data-breach-costs-decline-malicious-attacks-increase-in-us/

By Kyle Murphy, PhD
Health IT Security
June 14, 2013

The cost of data breaches is on the decline, but a new source of breaches is on the rise, according to a recent survey by the Ponemon Institute. In the 2012 Cost of Data Breach Study, the organizational cost of dealing with data breaches has gone down from $5.5 to $5.4 million with the cost per record dropping from $194 to $188.

In the United States, the healthcare industry trails only transportation in terms of per capita cost for data breaches. The cost per head is $305, which places it behind transportation ($316) but ahead of 11 other industries (e.g., communications, pharmaceutical, industrial).

Considering how frequently subject matter experts compare the data security and privacy approaches of the healthcare and financial industries — often suggesting that the former take a cue from the latter — the fact that financial costs $50 less per capita ($254) than healthcare lends weight to that argument.

So why do certain industries tend to have higher-than-average costs? It has to do with oversight. “Specifically, heavily regulated industries such as healthcare, communications, pharmaceuticals and financial services tend to have a per capita data breach cost substantially above the overall mean of $188,” states the report.

What should prove unsettling is what has emerged as the leading cause of these data breaches: malicious or criminal attacks. This is the first study by the Ponemon Institute to indicate these types of attacks as the most frequently encountered by organizations. In terms of distribution, human error (33%) and system glitches (26%) trailed the leader, malicious or criminal attacks (41%).

[…]

_______________________________________________
ISN mailing list
ISN@lists.infosecnews.org
http://lists.infosecnews.org/mailman/listinfo/isn_lists.infosecnews.org