Companies underestimate costs of security breaches

Aveksa announced the findings of a recent survey conducted to examine many different facets of IT security, including::

• Concerns about moving sensitive applications and data to external cloud-based providers
• The importance of obtaining visibility and control of who has access to critical IT assets in the data center
• The potential cost of security breaches for companies.

Survey respondents, consisting of IT executives from large, global companies across many different vertical industries, were asked what their primary concerns were in regards to moving sensitive applications and data to external cloud-based providers. 49% of respondents stated that unauthorized application access was a major concern in this area.

Respondents were also asked how important it was to obtain fine-grained, entitlement-level visibility and control of who has access to critical IT assets in the data center (such as operating systems, hypervisors, databases, middleware, web servers and systems management applications).

98% of the respondents stated that stringent access control for data center assets was either very important or critically important.

Finally, respondents were asked how much they thought IT security breaches cost companies per compromised record. 42% of respondents stated they thought the cost was less than $200 per affected record with many believing it was less than $100 per record.

According a recent study by the Ponemon Institute, the cost of IT security breaches is $214 per compromised record. For example, it is estimated that it cost Sony $171 million to clean up the recent Playstation security breach.

“While distributed computing environments provide many efficiencies for IT organizations, they also result in greater security concerns, especially around Access Governance. as demonstrated in our survey,” said Vick Viren Vaishnavi, President and CEO of Aveksa.

“Whether it is moving applications and data to the cloud or gaining greater visibility and control over data center assets across distributed computing environments, the respondents in our survey clearly indicated that Access Governance is one of the major security concerns they are addressing. The survey also demonstrates that many companies are underestimating the high costs of cleaning up user records following a security breach. In order to mitigate the risk of IT security breaches, enterprises need to implement more preventative processes and stronger access controls to applications and data.”