Top CyberSecurity News For 21st September 2016

  1. Rand Study: Average Data Breach Costs $200K, Not MillionsFrom DarkReading. 

     Rand taps insurance data and other sources to calculate that cyber incidents cost firms a scant 0.4% of annual revenues, on average.

    The expense and impact of enterprise data breaches may be overblown, according to a new study from the Rand Corp.

    “We find that the typical cost of a data breach is less than $200,000, far lower than the millions of dollars often cited in surveys (e.g. Ponemon 2015),” writes Sasha Romanosky, author of the Rand study, Examining the costs and causes of cyber incidents, released Tuesday. The study goes on to say that $200,000 is about what most companies spend annually on information security.

Top CyberSecurity News For 20th September 2016

  1. Over 90% of Euro Firms Hit by Data BreachFrom InfoSecurity Magazine. 

    Over 90% of European businesses have suffered a data breach in the past five years but fewer than half are concerned about it happening again, and awareness of the coming changes in European regulations is worryingly low, according to Lloyds.

    The insurance market claimed in a new report that of the 346 senior decision-makers it spoke to at large businesses, 92% had been breached and 42% were concerned about history repeating itself in the future.

    And while 97% said they’d heard of the General Data Protection Regulation (GDPR), over half (57%) claimed they know “little” or “nothing” about it.

Top CyberSecurity News For 25th May 2016

  1. Insure against a cyberwhat now? How the heck do we crunch those numbers?.From The Register. The head of a UK industry insurance organisation has called for the government to create a database where companies would be obliged to “record details of cyber attacks”. Insurers are struggling to assess premiums for newly introduced cyber insurance policies in the absence of background info, according to the head of the Association of British Insurers (ABI). Insufficient data was inhibiting the growth of the industry.
  2. Which Cybersecurity Data Should You Trust? From McAfee Labs. We are constantly battered by cybersecurity data, reports, and marketing collateral—and we shouldn’t treat all of this information equally. Security data has inherent limitations and biases, which result in varying value and relevance in how it should be applied. It is important to understand which data is significant and how best to allow it to influence your decisions. A tsunami of security metrics, reports, analyses, blogs, papers, and articles vie for our attention. Sources range from reporters, researchers, professional security teams, consultants, dedicated marketing groups, and even security-operations people who are adding data, figures, and opinions to the cauldron. We are flooded with data and opinions.