Barely a day goes by without news of another data breach at a major corporation or institution. From Sony to Citicorp, and the International Monetary Fund to the U.S. Senate, systems have proved vulnerable to hackers with uncertain motives.
For every case that makes the headlines, however, there are hundreds that happen out of sight. A report by the Ponemon Institute – conducted before this year’s high-profile breaches – found that data breach incidents cost U.S. companies $204 per compromised customer record in 2009, compared to $202 in 2008. Despite an overall drop in the number of reported breaches (498 in 2009 versus 657 in 2008 according to the Identity Theft Resource Center), the average total per-incident costs in 2009 were $6.75 million, compared to $6.65 million in 2008.
The most expensive data breach event included in the study cost a company nearly $31 million to resolve. The least expensive total cost of data breach for a company included in the study was $750,000.
The report also points out that there is great risk in outsourcing. Third-party organizations account for 42 percent of all breach cases, and these are among the most costly due to additional investigation and consulting fees.
Ponemon’s annual “U.S. Cost of Data Breach Study” tracked a range of cost factors, including outlays for detection, escalation, notification and response along with legal, investigative and administrative expenses, customer defections, opportunity loss, reputation management, and costs associated with customer support such as information hotlines and credit monitoring subscriptions.
Very little of this is news to insurance underwriters, agents and brokers in the technology space, of course. They understand that the cost of data loss can be huge. That’s why they have for years been trying to motivate customers to take protective measures to guard against breaches while also updating their coverages to meet the changing exposure. Now insurance pros are just as busy helping customers deal with the aftermath of breaches.
Ponemon also released a list of the top 20 most trusted companies for privacy. On top of the list was American Express. Two insurers – Nationwide and USAA – made the list.
Financial institutions, including insurance carriers, agencies and brokerages, are among those with the most to lose if customers lose faith in their privacy protections. They, like everyone, have to keep up with this growing risk as hackers’ skills seems to outpace security. But while they are rushing to take care of others, they must take care of themselves, too.
Was this article valuable?
Here are more articles you may enjoy.