E-CommerceALERT.com is part of the Bennett Gold LLP web site network.
LINK TO: Bennett Gold LLP, Chartered Professional Accountants, home page.
LINK TO: E-CommerceALERT.com Home Page.
CLICK to GO BACK to Main Page.

Research and retrieval of news articles by:
Bennett Gold LLP, Chartered Professional Accountants

Effective December 31 2012, articles are no longer being updated on this web site.
The site is now maintained as an historical archive, covering notable e-commerce news articles from the period 1999 to 2012.


Source: Australian IT

Posted on October 30, 2008

      Almost 80 per cent of local organizations have experienced a data breach in the past five years, with a further 40 per cent reporting between six and 20 known breaches during the period, according to Symantec's first Australian data loss survey.

      As well, 59 per cent of businesses surveyed suspected they had suffered undetected data breaches, but were unable to identify what information had left the organisation, or how. Symantec Australia managing director Craig Scroggie said the results show that talk about data loss is "not just hype, but a real and present challenge that organisations manage on a daily basis".

      Mr Scroggie said he fell victim to a data breach when a local restaurant accidentally mailed out its entire customer database, including credit card details, as an attachment to an email dining offer.

      "I have 3499 new friends who each know as much about me as I know about them," he told a press briefing in Sydney.

      The restaurant suffered considerable financial loss in notifying customers about the exposure, remediating the situation through assistance with monitoring for possible fraud, and damage to reputation.

      The survey is the first to try to put a figure on costs related to local data breaches, with 34 per cent of respondents saying an average breach cost around $5000, while 14 per cent reported costs between $100,000 and $999,999, and 7 per cent reporting costs over $1 million.

      But Symantec manager Steve Martin said $5000 would only cover the cost of replacing a lost or stolen laptop, and did not take into account the financial costs associated with loss of confidential financial or customer information, or proprietary business data.

      Mr Martin said the largest cost relating to a local data breach was estimated at $8 million.

      Businesses were most prone to losing customer records (55 per cent of all breaches), employee records (48 per cent), intellectual property (43 per cent), commercially sensitive information (35 per cent), bank and credit card details (21 per cent), and financial information (20 per cent).

      The main cause of data breaches was lost laptops (45 per cent of all breaches), human error (42 per cent) and lost mobile phones or devices (30 per cent).

      Malicious actions by insiders were responsible for 28 per cent of all breaches, while the deliberate removal of paper records from organisations was surprisingly in second place at 26 per cent. Malware and hacking were involved in 24 per cent of all breaches.

      In one instance, several employees in a company suffered fraud on their bank accounts, only to realise later that their employer's payroll database had been hacked, Mr Martin said.

      Meanwhile, Mr Scroggie said businesses are only now becoming aware of their obligations to secure customer, employee and company confidential information amid calls for mandatory data breach notification legislation and other proposed changes to the federal Privacy Act.

      But he said businesses were not waiting to be forced into action, and were actively looking at how to secure sensitive data in today's "organisations without walls".

      "Many believe confidential information is most at risk when employees are mobile," he said. "To reduce the impact of data loss, organisations must first discover where their confidential data is held, how it is being used, and how to protect it wherever it happens to be."

      Mr Scroggie said Symantec's acquisition of data loss prevention (DLP) specialist Vontu had given the company a unique offering to discover, monitor and protect confidential data across an organisation's network, endpoint and storage systems.

      Symantec yesterday released version 9 of its DLP product, with "improved coverage" for potential loss from employees using laptops or mobile devices to send emails, webmail and instant messages even while disconnected from the corporate network.

      The product is also designed to prevent sensitive information being electronically printed or faxed out of the organisation, or copied onto storage devices, Mr Scroggie said.

      The online survey was completed by 156 IT managers from companies in a variety of industries with more than 100 employees, and annual turnovers between $10 million and $500 million.

CLICK to GO BACK to Main Page.

E-Commerce Alerts are issued by Bennett Gold LLP, Chartered Professional Accountants as situations develop. Bookmark this site and check back often. Our e-mail address is: info@BennettGold.ca

In accordance with United States Code, Title 17, Section 107 and Article 10 of The Berne Convention on Literary and Artistic Works, the news clippings on this web site are made available without profit for research and educational purposes.

Final Entries

LINK TO: Bennett Gold, Chartered Professional Accountants: A Licensed Provider of WebTrust Services.

WebTrust Is Your
Best Defense
Privacy Breaches.

Get WebTrust
Working For
Your Site.