Friday, December 17, 2010

Have You Got An Extra Few Million Dollars Laying Around?

I am always worried/disturbed when I see reports of data breaches. This particularly the case when it involves a higher education institution. The have been three recently reported: the University of Hawaii (which I previously wrote about here), University of Wisconsin - Madison, and most recently The Ohio State University.

The good news is that at least the last two did not involve any cardholder data. That doesn't make the breaches any less worrying, though. If one kind of data can be exposed, then so can cardholder data. The thing about these most recent breaches is that we are starting to see the serious financial costs involved.

According to this report:
Following the lead of other data breach victims, [the school] is offering a year’s worth of credit protection services, which according to Lynch, will cost the university approximately $4 million.
Add this to the brand damage to any institution and the costs can mount fast.

So I guess my holiday wish (in addition to my other holiday wishes...) is that decision makers everywhere realize that while security and compliance is expensive, lack of security is a whole lot more expensive.

No comments:

Post a Comment