News: Study Finds CISO Appointment, Business Continuity Shrinks Breach Costs
byDanielle Walker, Reporter
By appointing a CISO, breached organizations stand to fare better in their response efforts, lessening their costs by $10 per compromised record, an annual study found.
On Monday, the “2014 Cost of Data Breach Study: United States” was released, offering insight on management efforts which can improve incident response at companies. The ninth annual study, which was sponsored by IBM and conducted by the Ponemon Institute, polled 61 U.S. companies across 16 industries, after firms experienced “the loss or theft of protected personal data and then had to notify breach victims as required by various laws,” the report said.
The study found that the average number of breached records at organizations was around 29,000 records last year. Additionally, the cost of each lost or stolen record, on average, increased from $188 to $201 per record between 2012 and 2013.
The report also noted that the appointment of a CISO, and even the involvement of business continuity management (BCM) in the response process, noticeably shrunk the costs of breaches per record. For instance, having business continuity staff involved in remediation reduced costs by $13 per compromised record (as opposed $10 per record saved under CISOs), the report said.