High Bit Security: 2/3 of All Data Breaches Preventable With Proactive Security Testing, New Ponemon Institute Study Documents Breach Causes and Costs
Ponemon Research Institute 2013 Cost of Breach report identifies malicious and criminal system attacks and system glitches as primary causes of data breaches. Penetration testing would disclose majority of vulnerabilities that allowed information theft.
Rochester MI (PRWEB) June 12, 2013
“The ℠gold standard´ for source and cost of data breach information has been Traverse City Michigan´s Ponemon Institute for the last 8 years,” said Barbara Goushaw, Chief Business Development Officer for High Bit Security. “This year´s study dramatically illustrates that companies who take proper precautions can eliminate or mitigate the devastating costs of a data breach.”
Each year, Ponemon Institute researchers interview a significant number of companies across multiple sectors that have experienced a data breach in the last 12 months. For the first time malicious and criminal attacks take the lead as the number one source of data breach (41%) followed by human error (33%) and system glitches (26%). Further, the study showed that breaches as a result of malicious attacks cost $277.00 per record, system glitches cost $174.00 per record, and human error cost $159.00 per record. The study also provided breach costs across multiple different sectors. Healthcare topped the list at $305.00 per breached record with financial a close second at $254.00 per record.
“Proactive security (penetration) testing will identify the vast majority of the issues that leave a company vulnerable to both malicious attacks and system glitches,” said High Bit Security COO, Adam Goslin. “The study found that in 2012, malicious and criminal attacks increased 37% over the previous year. Penetration testing will identify the security holes a malicious attacker would otherwise exploit, allowing the company to address the issues before becoming a victim.”
40% of the breaches were caused by a third party: vendors, outsourced service, or business partners. “Partner organizations who fail to secure the primary company´s data is a huge problem,” continued Goslin. “Corporations need to do their due diligence on suppliers and partners — anyone who may have access or be linked to their records or intellectual property. Cyber criminals will seek out these partner organizations – they are often as lucrative to attack as the primary target. Hackers will use these third parties as an entry point to the primary target. We recommend and perform full vendor assessments, security audits and penetration testing for partner organizations.”
Third party security consulting and proactive security stance were cited as the most effective way organizations can reduce the cost of remediating a breach. “We have worked with clients and performed post breach testing, but we prefer to work with clients before they have an issue,” said Goushaw. “Taking a proactive security testing stance, testing systems and applications then eliminating vulnerabilities as preventive measure, costs a fraction of the expense of remediating a breach.”
About High Bit Security: High Bit Security is a national security services provider, providing penetration testing solutions to clients who need to protect sensitive data in industries such as Healthcare, Credit Card, Financial, or companies that otherwise store Intellectual Property or Personally Identifiable Information. High Bit Security also provides security consulting services to our clients to assist them with their compliance objectives across PCI-DSS, PA-DSS, HIPAA, SSAE-16 evaluations or wish to perform a security best practices audit of their organization. Contact High Bit Security today for a free consultation to take steps toward protecting your sensitive information. http://www.HighBitSecurity.com 800-757-3144
For the original version on PRWeb visit: http://www.prweb.com/releases/prweb2013/6/prweb10821268.htm