Many Hacked Businesses Remain Unprepared For The Next Breach

[security curmudgeon <jericho () attrition org>]

---------- Forwarded message ----------
From: InfoSec News <alerts () infosecnews org>

http://www.darkreading.com/attacks-breaches/many-hacked-businesses-remain-unprepared/240153520

By Kelly Jackson Higgins
Dark Reading
April 24, 2013

A company suffers a data breach. So, of course, it then retrenches and 
shores up its defenses and processes to prepare for the next attack, 
right? Not so much, a new survey of organizations that have suffered 
breaches shows: More than one-third of organizations hit by data breaches 
still have no formal plan or process in place to handle the next breach.

The data, gathered from 470 senior privacy and compliance professionals 
mainly in retail, healthcare, and pharmaceutical firms that have 
experienced at least one data breach, also shows the real fallout of a 
breach and how most organizations are well-aware of the fallout: 
Seventy-six percent have had or expect to have a breach that results in 
loss of customers and business partners, and 66 percent have, or expect 
to, suffer "serious" financial consequences in the wake of a breach.

Three-fourths have had or expect to suffer a breach that hurts their 
public image.

Even so, many of them remain unprepared for the next attack, according to 
the new Ponemon Institute report, "Is Your Company Ready for a Big Data 
Breach?"

[...]
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://datalossdb.org/mailing_list

Supporters:

Risk Based Security (http://www.riskbasedsecurity.com/)
Risk Based Security equips organizations with security intelligence, risk
management services and on-demand security solutions to establish
customized risk-based programs to address information security and
compliance challenges.