New Study by Experian® Data Breach Resolution and Ponemon Institute Examines the Aftermath of Data Breaches
IT Professionals Provide Insight into How Data Breaches Impact Organizations
Irvine, Calif., January 25, 2012 – Nearly everyday consumers willingly provide their personal information to organizations online with no hesitation, neglecting to realize how that information can be exposed due to employee negligence, insider maliciousness, system glitches or attacks by cyber criminals. With Data Privacy Day (Saturday, January 28) right around the corner, Experian Data Breach Resolution and the Ponemon Institute released today compelling survey findings from more than 500 IT professionals who have experienced a data breach at their company.
“The responsibility of keeping customers’ information secure cannot lie solely on the shoulders of IT; rather every executive in the organization should be aware since the reverberation of a breach will be felt by everyone,” said Ozzie Fonseca, senior director at Experian Data Breach Resolution. “Survey results show us that a data breach is often the result of human error or a crime– neither of which can be 100 percent prevented. As such, companies must put measures in place – training, preparedness plans, guidelines, etc. -- to help protect their customers’ information.”
Survey respondents had 10.5 years or more of IT experience, with 73 percent reporting directly or indirectly to the chief information officer (CIO) or the chief information security officer (CISO). Also, to ensure that the answers were based on the same breach throughout the entire survey, respondents were asked to focus only on one data breach they believed had the greatest financial and reputational impact to their organizations.
“Data breaches are frequent and as a result millions of consumers are vulnerable to having their identity stolen,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “IT professionals in this study are correct when they say that following the loss or theft of consumer data it is critical for companies to take steps to understand the root cause in order to prevent another breach and protect consumers from future harm.”
The study yielded compelling insights, found below, into how a company assesses the cause, reacts to the breach and evaluates next steps.
While respondents were candid with their feedback, they also offered suggestions as to how many of these issues could be addressed in an effort to mitigate future threats. These resolution points include the following:
To access the full “Aftermath of a Data Breach” Report, visit www.Experian.com/PonemonAftermathStudy.
For more information, visit http://www.experian.com/databreach.
About Experian Data Breach Resolution
Experian® is a leader in the data breach resolution industry and one of the first companies to develop solutions that address this critical issue. As an innovator in the field, Experian has a long-standing history of providing swift and effective data breach resolution for thousands of organizations, having serviced millions of affected consumers. For more information on how Experian Data Breach Resolution services enable organizations to plan for and successfully respond to data breaches, visit http://www.experian.com/databreach.
Experian is the leading global information services company, providing data and analytical tools to clients in more than 80 countries. The company helps businesses to manage credit risk, prevent fraud, target marketing offers and automate decision making. Experian also helps individuals to check their credit report and credit score, and protect against identity theft.
Experian plc is listed on the London Stock Exchange (EXPN) and is a constituent of the FTSE 100 index. Total revenue for the year ended 31 March 2011 was US $4.2 billion. Experian employs approximately 15,000 people in 41 countries and has its corporate headquarters in Dublin, Ireland, with operational headquarters in Nottingham, UK; California, US; and São Paulo, Brazil.
For more information, visit http://www.experianplc.com.
Experian and the Experian marks used herein are service marks or registered trademarks of Experian Information Solutions, Inc. Other product and company names mentioned herein are the property of their respective owners.