Data breach costs rising

It might be time to open your company's wallet a little wider. A new study by Gartner says that data breaches are set to cost businesses 20 percent more each year through 2009. Are you ready for increasing phishing and other hack attacks that may take your system down? It's definitely a headache for any CIO. Gartner VP John Pescatore said that more attackers are using the credentials of legitimate users to sneak into secure systems. So what's a CIO supposed to do? Gartner estimates that the average business is already spending more than 5 percent of its IT budget on security, and another 7 percent on disaster recovery. The study also said that 90 percent of targeted attacks could be avoided without an increase in firms' security budgets, and said that the investments that enterprises had made in intrusion prevention, vulnerability management and network access control had largely paid off. Gartner warned that just spending more money was not the right answer. It advised CIOs to make sure that security was a top requirement for every new application, process and product. It also recommended establishing security metrics to measure spending efficiency.

To read about data breaches:
- see Washington Post article