New Report Chronicles the Cost of Data Leaks

Apr 25, 2007

A McAfee-commissioned report by the research firm Datamonitor says that 60 percent of respondents experienced a data leak last year.

Researchers at Datamonitor can give corporations 1.8 million reasons to protect themselves against data breaches.

According to the research group's new report, "Datagate: The Next Inevitable Corporate Disaster?", the average cost of a data leak incident is $1.82 million. That figure is based on accounts of 23 percent of respondents - the others were unable to track and audit losses after a breach.

The report surveyed 1,400 IT decision makers across the globe. All totaled, 60 percent of those surveyed said they experienced a data leak last year, and only six percent could state with certainty that they had no data leakage problems in the past two years.

Kevin LeBlanc, group product marketing manager at McAfee, noted that in the physical world, if a piece of merchandise is stolen, it's actually missing.

"In the electronic world, the copy is all the perpetrator needs," he said.

McAfee commissioned the Datamonitor report and is including it in its pitch for McAfee Data Loss Prevention Gateway, a new tool that company officials said will be generally available in late May. McAfee DLP Gateway prevents data loss from guest laptops, non-Windows systems such as Mac and Linux, servers, mobile devices and all other agentless devices by blocking the transfer of confidential information at the gateway.

One-third of participants in the survey said they felt a data leak could put them out of business, a statistic McAfee vice president and chief technology evangelist Carl Banzhof called alarming. Respondents estimated that it costs an average of $268,000 to inform customers of a data leak, even if the lost data is never used. In addition, 61 percent believe data leaks are the work of insiders.

Phil Neray, vice president of marketing at Guardium, of Waltham, Mass., said enterprises need to monitor all database activity at the network layer and on the database server itself to protect themselves against the insider threat.

Guardium's product, Guardium DBLP, locates and classifies sensitive data and then monitors traffic to and from database servers in search of unauthorized or suspicious activity.

"Most sensitive data is stored in enterprise databases that are at the core of your Oracle Financials, SAP or PeopleSoft systems," Neray said.

"Privileged insiders such as administrators, developers, and outsourced personnel have virtually unfettered access to these data sources. So if you're only focused on preventing leaks as the information leaves your organization at the perimeter via e-mail or IM, you're only going to catch unauthorized or suspicious activities when it's almost too late."

Copyright 2007 by Ziff Davis Media, Distributed by United Press International

Explore further: Non-emergency lines still need a back up plan in case of another meltdown

add to favorites email to friend print save as pdf

Related Stories

Studies: Cyberspying targeted SKorea, US military

Jul 08, 2013

The hackers who knocked out tens of thousands of South Korean computers simultaneously this year are out to do far more than erase hard drives, cybersecurity firms say: They also are trying to steal South ...

Google complaint highlights China-based hacking

Feb 03, 2010

(AP) -- Google's accusation that its e-mail accounts were hacked from China landed like a bombshell because it cast light on a problem that few companies will discuss: the pervasive threat from China-based cyberattacks.

Power plants, other infrastructure face hackers

Jan 28, 2010

(AP) -- More than half of the operators of power plants and other "critical infrastructure" say in a new study that their computer networks have been infiltrated by sophisticated adversaries. In many cases, foreign governments ...

NAC Attack: Today's Products Will Fail, Report Says

Apr 07, 2007

Vendors say modern NAC products will fall by the wayside in favor of software-based technologies that manage risk by integrating endpoint security, access control, identity and risk management.

Recommended for you

E-Voting: Risky technology or great improvement?

10 hours ago

On this forthcoming weekend the Australian state election takes place, and in Victoria State they will be using a new e-voting system to improve secrecy, reliability and user-friendliness. But how secure are such systems? ...

Namibia prepares for Africa's first e-vote

Nov 26, 2014

Namibia will vote in Africa's first electronic ballot Friday, a general election that will usher in a new president and quotas to put more women in government.

US agency threatens to act against air bag maker

Nov 26, 2014

A dispute between U.S. safety regulators and air bag maker Takata Corp. escalated Wednesday when the government threatened fines and legal action unless the company admits that driver's air bag inflators ...

Japan orders air bag maker to conduct probe

Nov 21, 2014

Japan's transport ministry said Friday it has ordered air bag maker Takata to conduct an internal investigation after cases of its air bags exploding triggered safety concerns in the United States and other countries.

User comments : 0

Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.