Cloud Data Breaches mo' Money

BY: ON MONDAY, FEBRUARY 23, 2015

IT people need to beef up their opinions about cloud security, says a recent report by the Ponemon Institute called “Data Breach: The Cloud Multiplier Effect.”

Yes, data breaches occur in the cloud. In fact, it can be triple the cost of a data breach involving a brick and mortar medium.

The report put together data from the responses of over 600 IT and IT security people in the U.S. The report has three observations:

  • Many of the respondents don’t think that their companies are adequately inspecting cloud services for security.
  • The cost of a data breach can be pricey.
  • When a business attempts to bring its own cloud, this is the costliest for high value intellectual property.

More Results

  • 72% of the participants thought that their cloud service providers would fail to notify them of a breach if it involved theft of sensitive company data.
  • 71% believed this would be the same outcome for customer data breaches.

Many company decision makers don’t think they have a whole lot of understanding into how much data or what kind is stored in a cloud.

  • 90% thought that a breach could result when backups and storage of classified data were increased by 50 percent over a period of 12 months.
  • 65% believed that if the data center were moved from the U.S. to a location offshore, a breach could result.

All of these findings mentioned here are the result of self-estimations rather than objective analysis of real breaches.

Ponemon also determined that if a breach involved at least 100,000 records of stolen personal data, the economic impact could jump from an average of $2.4 million to $4 million, up to $7.3 million. For a breach of confidential or high-value IP data, the impact would soar from $3 million to $5.4 million.

In addition to the self-reporting loophole, the report had a low response rate: Only 4.2 percent of the targeted 16,330 people responded, and in the end, only 3.8 percent were actually used. Nevertheless, you can’t ignore that even self-estimated attitudes paint a dismal picture of how cloud security is regarded.


Image
via Shutterstock

About the Author

Robert Siciliano
Robert Siciliano, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds.
Comments
comments powered by Disqus