Information Security Bulletin

Research Suggests Data Loss Could Lead to Corporate Collapse

25 Apr 10:56

McAfee, Inc., has released a report, DataGate: The Next Inevitable Corporate Disaster?, revealing a widespread belief that a major security breach, even an unintentional one, could lead to the collapse of a major corporation.

The global research, conducted for McAfee by Datamonitor, surveyed more than 1400 IT professionals at companies with at least 250 employees in the United Kingdom, United States, France, Germany and Australia. Thirty-three percent of respondents said they believe a major data loss incident involving accidental or malicious distribution of confidential data could put them out of business.

The research also suggests that while awareness regarding the danger of breaches is high, the problem continues to grow. Sixty per cent of respondents said they had experienced a data breach in the past year, and only six per cent of respondents could say with certainty that they had not experienced one in the previous two years.

Additional key findings from the research include:

a data breach that exposed personal information would cost companies an average of GBP134,000 to inform their customers - even if the lost data is never used
sixty-one per cent of respondents think that data leakage is the doing of insiders, and 23 per cent believe those leaks are malicious
nearly half (46 per cent) of respondents don't debrief or monitor employees after they have given notice that they are leaving the company
twenty-three per cent of respondents were able to estimate the total annual cost of data leakage, and the average figure they gave was USD1.82 million

Respondents rated loss of intellectual property and financial information as the two most valuable classes of data - with the average estimated cost of leaked financial data reaching USD1.68 million.

[This one shows up occasionally and has done so since around 1990 if not earlier. It would be considerably more interesting to conduct some real research into how many companies of different sizes have actually been brought down by data loss. Some research has been conducted by the National Computing Centre in the UK showing that a large percentage of small and mid-sized companies experiencing IT catastrophes disappear within five years from the date of the event but I do not recall seeing a deeper analysis of the nature of the catastrophe as a causative factor. Business continuity resilience is generally quite good in large organisations so although the feeling of those interviewed indicates that data loss could lead to total collapse this is not a likely outcome. Disclosure of personal information, however, is getting increasingly costly, and probably a more important factor than disclosure of intellectual property information. Generally, knowledge is not sufficient to exploit and successfully compete. --Ed].

Related links: (Open in a new window.)
www.mcafee.com

View printable version (opens in new window)
Back

Search ISB News:

Not yet sure you want to subscribe?

Download a free sample copy!

Download the much quoted October 2005 Editorial

Portal Frontpage
Web Editorial
About This Portal
Contact Info

IS Alerts
General News
Product News
Vendor News
People News
Literature
Events
CHI News

About ISB
Publishing in ISB
Advertising in ISB
PR Information

In the current issue:

Legal Issues
Of Trojans, Cheerleaders and Cuckoos…
Jon Colombo

Web Security
Web 2.0 vs. Web 1.0 – Security Standpoints and Challenges
Shreeraj Shah

Computer Forensics
Trends In Disk Drives and Data Transfer Speed
Steven Branigan