Breaches, Damned Breaches and Their Statistics

Molly McGinnis Stine
Locke Lord LLP
Contact
LinkedIn
Facebook
X
Send
Embed

Interesting conclusions about data breach costs emerge from two new studies, the 2015 Ponemon Institute’s Cost of Cyber Crime Study: Global and the 2015 NetDiligence® Cyber Claims Study. While the phrase alluded to in our title and popularized by Mark Twain might invite general skepticism about statistics, these two well-regarded studies leave no doubt that both data breaches and the average cost of addressing them are on the rise.

The Ponemon report found that the current year’s average internalized cost for a cyber crime suffered by a U.S. entity is $15 million, an almost 20% increase over the prior year’s average. The costs vary with the size of the breached entity, the number of records, the nature of the infiltration, the type of information affected, and the duration of the breach and the remediation.

The NetDiligence® report found that “hackers were the most frequent cause of loss” and that there was “insider involvement in 32% of the claims submitted” to insurers. The authors also noted that more claims are being submitted to insurers. The average claim payout from an insurer to an insured entity was $674,000, with more than 75% of the amount associated with crisis services (forensics, notification, credit/identity monitoring, legal guidance, and public relations). According to the report, costs for an insured organization are up to 30% lower than for an uninsured entity.

While the Ponemon Institute examined the costs of a breach and not who pays for it, the recent NetDiligence® report focused on the portion of breach costs and exposure covered and paid for by insurers. With different methodologies and purposes, information from the two reports is not intended to match up. However, both reports reveal ever-increasing numbers of cyber incidents, significant costs or potential exposure, and confirmation that the scope and effects of breaches can be wide-ranging.

The Ponemon study examines its field-based research, including interviews of senior-level personnel, of more than 500 organizations in seven countries. The NetDiligence® study is based on information from insurance underwriters about covered claims arising from data breaches and their costs.

Send Print Report

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Locke Lord LLP | Attorney Advertising

Written by:

Locke Lord LLP
Locke Lord LLP
Contact
more
less

Locke Lord LLP on:

Reporters on Deadline

"My best business intelligence, in one easy email…"

Your first step to building a free, personalized, morning email brief covering pertinent authors and topics on JD Supra:
Sign Up Log in
*By using the service, you signify your acceptance of JD Supra's Privacy Policy.
Custom Email Digest
- hide
- hide