
GRC Roll-up: OpenLogic Assesses Mobile Software Compliance, Data Breaches Really Hurt

In the GRC this week, Symantec and the Ponemon Institute have put a figure on how much data breaches are costing companies and offer an online tool for calculating your risk, OpenLogic is worried about software compliance in Android and iPhone/iPad releases, Kroll opens a document review center, while McAfee opens a data storage center with added security in the UK.

Data Breach Costs Rising

If you’ve been trying to quantify just how much a data breach could cost, then Symantec and the Ponemon Institute have done just that, with this year’s version of the 2010 Annual Study: U.S. Cost of a Data Breach report.

And it’s all bad news for those who refuse to believe that this is a problem. The report shows that data breaches grew more costly for the fifth year in a row, with the average organizational cost of a data breach rising to US$ 7.2 million, an average of US$ 214 per compromised record.

No surprise that this is markedly higher when compared with US$ 204 in 2009. The study also found that, for the second straight year, organizations' need to respond rapidly to data breaches drove the associated costs higher.

The sixth annual Ponemon Cost of a Data Breach report is based on the actual data breach experiences of 51 U.S. companies from 15 industry sectors. Findings from the study include:

  • Companies that responded rapidly to data breaches paid 54% more per record than companies that moved more slowly.
  • 43% of companies notified victims within one month of discovering the breach, up seven points from 2009. In 2010, these quick responders had a per-record cost of US$ 268, up 22% from 2009; companies that took longer paid US$ 174 per record, down 11%.
  • Malicious or criminal attacks are the most expensive and are on the rise. In this year's study, 31% of all cases involved a malicious or criminal act, up seven points from 2009, and averaged US$ 318 per record, up 43% from 2009.

Companies can analyze their own risk by visiting Symantec's Data Breach Risk Calculator. Based on six years of trend data, the calculator takes into account an organization's size, industry, location and security practices to estimate how much a data breach would cost on both a per-record and organizational basis. The report is available on the Symantec site.

OpenLogic Assesses Software Compliance

More research, this time from OpenLogic, about iPhone and Android compliance breaches. According to OpenLogic’s scan and license compliance assessment of 635 mobile applications, 71% of Android, iPhone and iPad apps containing open source code failed to comply with basic open source license requirements.

Using its scanner, OSS Deep Discovery, OpenLogic scanned compiled binaries, and source code where available, for the applications to identify open source under GPL, LGPL and Apache licenses.

Of the 66 applications scanned that contained Apache or GPL/LGPL licenses, 71% failed to comply with four key obligations that OpenLogic analyzed.

It also found that, among the applications that use the Apache or GPL/LGPL licenses, the compliance rate was only 29%. Android compliance was 27% and iPhone/iOS compliance was 32%. Overall compliance of Android applications using the GPL/LGPL was 0%.

 
