Study: Despite Increased Security Spending, Severity Of Breaches Is On The Increase CompTIA study says human error is the most frequent cause of breaches worldwide
By Tim Wilson DarkReading
Despite increased spending on both security technology and training, most companies are experiencing more severe data breaches, according to a newly-completed study.
In its seventh annual security research study, the Computing Technology Industry Association (CompTIA) surveyed some 1,500 IT and security pros in countries around the globe. In the study, CompTIA found that the frequency of breaches had not increased significantly between 2008 and 2007, but the severity of those breaches has increased slightly. The average severity of a breach in 2008 was ranked as 5.6 on a ten-point scale, up from 5.3 in 2007 and 4.8 in 2006.
"The number of breaches may not be going up, but companies are feeling their impact a little bit more each year," says Tim Herbert, vice president of research at CompTIA.
Almost 10 percent of U.S. respondents said security breaches have cost their organizations more than $100,000 in the past 12 months. About a third saw employee productivity affected by a breach, and 20 percent saw an impact on revenue-generating activities. Nineteen percent experienced some server or network downtime as the result of a breach, and 10 percent paid fines or legal fees.