The Costs of Bad Security

May 30, 2011 By David
Grazed from MIT Technology Review. Author: David Talbot.

Keeping up: The Enterprise Strategy Group, a consulting firm, asked 308 IT professionals in large companies what factors motivated their decisions to improve data security. Regulatory compliance topped the list.
Credit: ESG Research Report, Protecting Confidential Data Revisited, April 2009

Last month, Sony revealed the price tag associated with cleaning up the massive security breach that exposed personal information of more than 100 million users of its PlayStation Network and Qriocity streaming-media services: at least $171 million. It was the largest such breach any company had ever experienced, according to Sony’s chairman, Sir Howard Stringer, and the staggering sum will cover security improvements, customer compensation, and investigative services. But the full toll will be harder to measure, because it will include the loss of customer confidence in the company.

The episode was a reminder of the stakes involved in data security—and an indicator that many organizations are not protecting themselves well enough. "When it comes to all of these security problems, companies aren’t spending up front but have to spend a lot of money on the back end to fix things," says Thomas Ristenpart, a computer security researcher at the University of Wisconsin, Madison.