What's the cost of a data breach?

One question we are asked on virtually every IDM engagement is “what does it cost if there is a data breach?” This is a very good question, and depending on your sector the cost can fluctuate. To build a business case for an identity project, this is an important bit of statistical information and cannot be overlooked, so the following article from Davey Winder is very interesting. As a point of fact, one thing that Salford Software provide to all our customers is a fully detailed ROI (return on investment) report.

"How much will a data breach cost my business? That’s the question often asked of risk management consultants by companies looking to balance the cost of security against the potential damage of lost or stolen data. Well, courtesy of privacy and information management research specialists the Ponemon Institute we have an answer albeit a generic one: £64. That’s £64 for each and every lost customer record, and not the total impact upon the bottom line, I hasten to add. It’s a little less for public sector organisations at £54 per record, and a little more for the private sector at £69, but the average is £64.

The Ponemon Institute, together with PGP Corporation, has completed its third annual study into the costs that UK organisations will incur following a data breach and discovered that it’s gone up by seven percent, per record, on average during 2009 when compared to the 2008 figure of £60. Compare it to the 2007 result and the increase is even more dramatic as back then the cost was just £47 per record. It would appear that much of the difference can be absorbed by reduced consumer trust which contributes a whopping £29 of that £64 total.

“This third annual study shows that the financial impact of data breaches is hitting UK organisations harder and harder each year,” Dr. Larry Ponemon, founder of The Ponemon Institute, says, adding, “In the commercial sector the costs associated with customer churn and attracting new customers are particularly acute, but our research suggests these firms are getting better at detection, remediation and customer communications. However, these efficiencies aren’t shared in the public sector, where the direct costs of a data breach are significantly higher. For example, the cost of notifying users that their records might have been compromised is more than four times higher for public organisations than for private firms.”

Oh, and in case you were wondering, the average total cost of a data breach according to the report was a staggering £1.68 million."

If data security is high on your agenda and you would like to know more about securing your databases, call us on 0161 906 2233.