New Report Chronicles the Cost of Data Leaks

Apr 25, 2007

A McAfee-commissioned report by the research firm Datamonitor says that 60 percent of respondents experienced a data leak last year.

Researchers at Datamonitor can give corporations 1.8 million reasons to protect themselves against data breaches.

According to the research group's new report, "Datagate: The Next Inevitable Corporate Disaster?", the average cost of a data leak incident is $1.82 million. That figure is based on accounts of 23 percent of respondents - the others were unable to track and audit losses after a breach.

The report surveyed 1,400 IT decision makers across the globe. All totaled, 60 percent of those surveyed said they experienced a data leak last year, and only six percent could state with certainty that they had no data leakage problems in the past two years.

Kevin LeBlanc, group product marketing manager at McAfee, noted that in the physical world, if a piece of merchandise is stolen, it's actually missing.

"In the electronic world, the copy is all the perpetrator needs," he said.

McAfee commissioned the Datamonitor report and is including it in its pitch for McAfee Data Loss Prevention Gateway, a new tool that company officials said will be generally available in late May. McAfee DLP Gateway prevents data loss from guest laptops, non-Windows systems such as Mac and Linux, servers, mobile devices and all other agentless devices by blocking the transfer of confidential information at the gateway.

One-third of participants in the survey said they felt a data leak could put them out of business, a statistic McAfee vice president and chief technology evangelist Carl Banzhof called alarming. Respondents estimated that it costs an average of $268,000 to inform customers of a data leak, even if the lost data is never used. In addition, 61 percent believe data leaks are the work of insiders.

Phil Neray, vice president of marketing at Guardium, of Waltham, Mass., said enterprises need to monitor all database activity at the network layer and on the database server itself to protect themselves against the insider threat.

Guardium's product, Guardium DBLP, locates and classifies sensitive data and then monitors traffic to and from database servers in search of unauthorized or suspicious activity.

"Most sensitive data is stored in enterprise databases that are at the core of your Oracle Financials, SAP or PeopleSoft systems," Neray said.

"Privileged insiders such as administrators, developers, and outsourced personnel have virtually unfettered access to these data sources. So if you're only focused on preventing leaks as the information leaves your organization at the perimeter via e-mail or IM, you're only going to catch unauthorized or suspicious activities when it's almost too late."

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Four questions about missing Malaysian plane answered

add to favorites email to friend print save as pdf

Related Stories

Studies: Cyberspying targeted SKorea, US military

Jul 08, 2013

The hackers who knocked out tens of thousands of South Korean computers simultaneously this year are out to do far more than erase hard drives, cybersecurity firms say: They also are trying to steal South ...

Google complaint highlights China-based hacking

Feb 03, 2010

(AP) -- Google's accusation that its e-mail accounts were hacked from China landed like a bombshell because it cast light on a problem that few companies will discuss: the pervasive threat from China-based cyberattacks.

Power plants, other infrastructure face hackers

Jan 28, 2010

(AP) -- More than half of the operators of power plants and other "critical infrastructure" say in a new study that their computer networks have been infiltrated by sophisticated adversaries. In many cases, foreign governments ...

NAC Attack: Today's Products Will Fail, Report Says

Apr 07, 2007

Vendors say modern NAC products will fall by the wayside in favor of software-based technologies that manage risk by integrating endpoint security, access control, identity and risk management.

Recommended for you

Four questions about missing Malaysian plane answered

Apr 19, 2014

Travelers at Asian airports have asked questions about the March 8 disappearance of Malaysia Airlines Flight 370 while en route from Kuala Lumpur to Beijing. Here are some of them, followed by answers.

Under some LED bulbs whites aren't 'whiter than white'

Apr 18, 2014

For years, companies have been adding whiteners to laundry detergent, paints, plastics, paper and fabrics to make whites look "whiter than white," but now, with a switch away from incandescent and fluorescent lighting, different ...

Freight train industry to miss safety deadline

Apr 16, 2014

The U.S. freight railroad industry says only one-fifth of its track will be equipped with mandatory safety technology to prevent most collisions and derailments by the deadline set by Congress.

User comments : 0

More news stories

Hackers of Oman news agency target Bouteflika

Hackers on Sunday targeted the website of Oman's official news agency, singling out and mocking Algeria's newly re-elected president Abdelaziz Bouteflika as a handicapped "dictator".

Ex-Apple chief plans mobile phone for India

Former Apple chief executive John Sculley, whose marketing skills helped bring the personal computer to desktops worldwide, says he plans to launch a mobile phone in India to exploit its still largely untapped ...