In 2009 German companies had to invest more than they did only a year ago when they suffered a data breach with subsequent data abuse. More and more frequently the source of the error leading to violation of data protection is not in the company’s own building but on the premises of external providers who are processing or using company data on the company’s behalf. These are the results of the ‘Jahresstudie 2009: Kosten von Datenpannen’ [“2009 Annual Study: Cost of a Data Breach”], which examines the financial consequences of data loss and abuse in German companies with reference to real-life data.
The study, for the second time carried out by Ponemon Institute and supported by PGP Corporation, is based not on hypothetical assumptions but on the actual facts and figures resulting from data breaches and subsequent cases of data abuse in 22 German companies. The data breaches covered by this study range from cases of fewer than 3,300 data records affected to cases of around 63,000 data records. Data from a total of twelve different industries was covered, the emphasis being on quantifying the direct and indirect costs and the subsequent expenditure arising from loss or theft of personal data, using objective measurement criteria.
Read more of the press release here.