Proving ROI in Protecting Data

April 12, 2007
New online calculator helps businesses estimate data breach costs

Offering ROI details for security investment isn't the easiest thing to do, that's for sure. For one, it's difficult to pinpoint costs of security breaches because you have to measure lost productivity in addition to lost assets. It's even more complicated to say what a breach would have cost if your security program prevented it. It's complicated by the fact that some security programs may not have sufficiently tracked incidents before the security program was upgraded. It's a fact of life that if you're asked the ROI question, you're going to be scrambling.

It's the same for both physical security directors and IT security directors, but at least for IT security pros, that work is getting a little easier thanks to the efforts of Darwin Professional Underwriters.

The company has launched its online Data Loss Cost Calculator. The online tool, which is free to use, enables business leaders to input a number of private data records affected by a security breach. Then, using standard costs for items such as legal fees, customer notification, cybercrime consulting, media management, credit monitoring and more, the calculator returns a ballpark number of the financial impact to your business.

According to Darwin, the tool was developed based on media reports and self-reported data from the Ponemon Institute that covered data breach costs for 31 companies in 25 different industry areas. Darwin has also included info on recent losses in its data loss archive. The shocking thing: A theft of 10,000 data records would cost a company an average of $1.66 million to respond appropriately.

Want to plug your own numbers into the calculator?
Go here: www.tech-404.com/calculator.html