Data security; Surveys: data losses spur consumer flight.Two new surveys find customers are actively punishing pun·ish v. pun·ished, pun·ish·ing, pun·ish·es v.tr. 1. To subject to a penalty for an offense, sin, or fault. 2. To inflict a penalty for (an offense). 3. companies that lose their confidential and private information. Conducted by the Ponemon Institute[C] and distributed by PGP (Pretty Good Privacy) A data encryption program from PGP Corporation, Palo Alto, CA (www.pgp.com). Published as freeware in 1991 and widely used around the world for encrypting e-mail messages and securing files, PGP is available for commercial use and as freeware for Corp., the surveys find that almost 20 percent of customers immediately terminated their accounts with vendors that lost their information, and an additional 40 percent considered termination. Companies participating in a parallel study estimated incurring an average cost of $14 million per breach incident, with costs ranging as high as $50 million. The survey--Lost Customer Information: What Does a Data Breach Cost Companies?--claims to be the first of its kind to report data from actual cases of lost customer data and the associated costs incurred to recover. Covering 14 separate incidents, it represents 1.4 million compromised data records and almost $200 million in total costs. (Total cost estimates include the actual cost of internal investigations, outside legal defense fees, notification and call center costs, public relations public relations, activities and policies used to create public interest in a person, idea, product, institution, or business establishment. By its nature, public relations is devoted to serving particular interests by presenting them to the public in the most and investor relations Investor relations The process by which the corporation communicates with its investors. efforts, discounted services offered, lost employee productivity and the effect of lost customers.) The related survey--National Survey on Data Security Breach Notification--reports results from 9,000 consumers, 12 percent of whom had received notifications of information mishandling. When extrapolated to the U.S. population, an estimated 23 million consumers have received such notices. Results showed 60 percent had terminated or were considering terminating their accounts. (The reports are available from PGP at www.pgp.com/ponemon.) "The increasing incidence of reporting of lost private personal records poses a serious threat to consumer confidence--and to vendor profits," said Esther Dyson  should be added to this article, to conform with Wikipedia's Manual of Style.Please discuss this issue on the talk page. , editor of Release 1.0 for CNET (body) CNET - Centre national d'Etudes des Telecommunications. The French national telecommunications research centre at Lannion. Networks and a member of the PGP Business Advisory Board. "Yet it is the right thing to do because it is forcing companies to clean up their acts. Companies are beginning to understand the effect carelessness Carelessness See also Forgetfulness, Irresponsibility, Laziness. Grasshopper sings through summer, overlooking winter preparations. [Gk. Lit. with data can have on their reputations and their bottom line." Among the corporate survey findings: * Average additional spending resulting from a single data breach was $5 million; * Reported costs ranged as high as $50 million for an insurance company; * Average total recovery costs were $140 per lost customer record; and * Average loss was 2.5 percent of all customers, ranging as high as 11 percent. Social Security numbers are the common denominator common denominator n. 1. Mathematics A quantity into which all the denominators of a set of fractions may be divided without a remainder. 2. A commonly shared theme or trait. in many security breaches, says Andrew Krcik, marketing vice president for PGP. That makes them the data points that create real vulnerabilities. Many of the major breaches that have been revealed haven't been the fault of the company itself, but outsourced suppliers and vendors. "Companies are vulnerable to everyone in their external supply chain," warns Krcik. PGP itself focuses on "centralized cen·tral·ize v. cen·tral·ized, cen·tral·iz·ing, cen·tral·iz·es v.tr. 1. To draw into or toward a center; consolidate. 2. key management," with the help of an automated appliance device placed in the company's email gateway. Working in the background, the technology's multilayer encryption The reversible transformation of data from the original (the plaintext) to a difficult-to-interpret format (the ciphertext) as a mechanism for protecting its confidentiality, integrity and sometimes its authenticity. Encryption uses an encryption algorithm and one or more encryption keys. encrypts and de-crypts data, with users able to read the files after supplying the necessary passwords and user keys. Krcik says the average Fortune 1,000 company could expect to pay up to $2 million for installing PGP technology and perhaps an additional $400,000 a year after that for maintenance and support. |
|
||||||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion