Enterprises tapping identity technology as one way to recover after data breach

Enterprises tapping identity technology as one way to recover after data breach

Summary: To recover from a data breach, companies are turning to a number of procedures and technologies including re-education, identity and access management, and expanded use of encryption, a Ponemon Institute study reveals.

SHARE:
TOPICS: Security
0

Nearly half of all U.S.-based companies experiencing a data breach are turning to identity and access management technology as one part of their post-breach procedures to combat another incident, according to a report by the Ponemon Institute.

The Institute's annual Cost of Data Breach Study, sponsored by Symantec and released this month, shows companies are reporting that data breaches are smaller in scale and create less churn, defined as customers abandoning the company after a breach.

In addition, Ponemon reported that the average per capita cost of a data breach has dropped to $194 from $214 in the previous year's study.  In addition, the organizational cost declined from $7.2 million to $5.5 million per incident. The drops, however, are a bit misleading as the numbers calculated did not include companies that had data breaches in excess of 100,000 records. Ponemon said they were excluded "because they are not representative of most data breaches and including them in the study would skew the results."

The post-breach activities of companies revealed that 53% implement additional staff training and awareness activities and 47% rolled out identity and access management solutions. The study noted that the results reflect most companies implement more than one preventative measure following a breach.

Included on the top five list of preventative measures was expanded use of encryption (52%), additional manual procedures and controls (49%), and data loss prevention technologies (45%).

The study also noted the detection and escalation costs associated with a breach dropped 5.8% to $433,000, which suggests companies had the foresight to implement technologies and procedures to bolster these tasks.

The study also pointed out that companies can reduced the cost of a breach by up to $80 per record compromised if they have a chief information security officer on staff who is focused on enterprise data protection.

Overall, the study concluded there is evidence that companies are becoming better at managing the costs incurred to respond and resolve a data breach incident.

The study examined the costs incurred by 49 U.S. companies in 14 industries during 2011.

See also:

Topic: Security

About

John Fontana is a journalist focusing in identity, privacy and security issues. Currently, he is the Identity Evangelist for cloud identity security vendor Ping Identity, where he blogs about relevant issues related to digital identity.

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Talkback

0 comments
Log in or register to start the discussion