Computer Theft & Recovery Statistics

Business Practices:

• 30% of respondents believe their companies would be unable to determine what sensitive/confidential information resided on a laptop if lost or stolen.
Ponemon Institute, LLC, August 15th, 2006


• The vast majority of companies worldwide—almost 64 percent—still have not created C—level security positions such as chief security officer or chief information security officer.
CIO, The Global State of Information Security 2006, September 15th, 2006


• Only 37% of respondents say they have an overall security strategy. At companies with CSOs, that number leaps to 62%. Likewise, 80% of companies with CSOs also employed CISO or equivalent, compared with 20% overall.
CIO, The Global State of Information Security 2006, September 15th, 2006


• 74% of subjects indicated they provide training programs to increase employee awareness about data leakage
McAfee and Datamonitor’s Data Loss Survey, 2007 (requires registration)


• Roughly 40% of businesses still spend less than 1% of their total IT budgets on information security and protection.
DTI Information Security Breaches Survey 2006, May 1st, 2007

Data Loss And Its Costs:

• 85% of organizations surveyed reported that they have had a data breach event.
Scott and Scott LLP and Ponemon Institute LLC, May 15th, 2007


• One in five organizations said they have sustained financial losses due to attacks on mobile data platforms.
EIU & Symantec’s Internet SecurityThreat Activity Research, March 19th, 2007


• A data breach that exposes personal information could cost companies an average of $268,000 to inform their customers—even if the lost data is never used.
McAfee and Datamonitor’s Data Loss Survey, 2007 (requires registration)


• An ordinary notebook holds content valued at 550,000 pounds ($972,000), and that some could store as much as 5 million pounds — or $8.8 million — in commercially sensitive data and intellectual property.
McAfee and Datamonitor’s Data Loss Survey, 2007 (requires registration)


• A third of companies surveyed said a major security breach could put them out of business.
McAfee and Datamonitor’s Data Loss Survey, 2007 (requires registration)


• Only 37% believe their company is effective at preventing breaches. 41% feel they won’t even detect the breach.
Ponemon Institure Research, Oct 23rd, 2006


• Only 35% of the Fortune 100,000 IT professionals say they are equipped to deal with lost corporate or personal data.
Privacy Rights Clearinghouse, A Chronology of Data Breaches, April 9th, 2007


• Since early 2005, more than 150 million personal records have been exposed.
Privacy Rights Clearinghouse, A Chronology of Data Breaches, April 9th, 2007


• Total costs averaged $182 per lost customer record, an increase of 30 percent over 2005 results. The average total cost per reporting company was $4.8 million per breach and ranged from $226,000 to $22 million.
2006 Annual Study: The Cost of Data Breach. Ponemon Institute, LLC, 2007


• On average, the cost of preventative measures is 4 times less than the cost of a breach.
2006 Annual Study: The Cost of Data Breach. Ponemon Institute, LLC, 2007


• At $182 per record lost for 93 million records compromised in 2006, the cost would be $16.9 billion.
2006 Annual Study: The Cost of Data Breach. Ponemon Institute, LLC, 2007

Identity And Personal Data Theft:

• Theft or loss of a computer or data storage medium, make up 54% of all identity theft-related data breaches.
EIU & Symantec’s Internet Security Threat Activity Research, March 19th, 2007


• Since early 2005, more than 150 million personal records have been exposed.
Privacy Rights Clearinghouse, A Chronology of Data Breaches, April 9th, 2007

Internal Theft:

• 61% of respondents think data leakage is an insider’s job. 23% believe those leaks are malicious.
McAfee and Datamonitor’s Data Loss Survey, 2007 (requires registration)


• A third of all thefts of equipment in large businesses are carried out by employees.
DTI Information Security Breaches Survey 2006, May 1st, 2007


• 89% view insider threats as serious, yet only 49 percent think CEOs have the same perception.
Ponemon Institute, Press Release, September 12th, 2006

Data Breach:

• 85% of organizations surveyed reported that they have had a data breach event.
Scott and Scott LLP and Ponemon Institute LLC, May 15th, 2007


• One third of companies surveyed said a major security breach could put them out of business.
McAfee and Datamonitor’s Data Loss Survey, 2007 (requires registration)


• More than 90% of the breaches were in digital form.
2006 Annual Study: The Cost of Data Breach. Ponemon Institute, LLC, 2007


• Nearly two third of respondents believe there will be an increase in security—related incidents next year. Three fifths believe it will be harder to actually detect the breach.
DTI Information Security Breaches Survey 2006, May 1st, 2007

Education:

• In 2005, 78 of the 152 incidents reported were at higher education institutions; of those, 14 were the results of stolen computers. These physical thefts represent stolen personal data involving more than 360,000 individuals.
Gartner, Stolen Laptops Denote a Growing Data Security Breach for Higher Education, March 10th, 2006 (requires registration)

Stolen/Lost Laptops:

• 47% of computer security professionals surveyed reported a laptop theft over the past twelve months.
FBI & CSI’s annual Computer Crime and Security Survey, 2006


• From 2005 to 2006 there was an 81% increase in the number of companies reporting stolen laptops containing sensitive information.
2006 Annual Study: The Cost of Data Breach. Ponemon Institute, LLC, 2007

For more Computer Theft & Recovery Statistics click here.

 

Request More Information