Survey: Data Breaches Have Almost Become 'A Statistical Certainty' : The Two-Way In a survey of 583 U.S. companies, 90 percent of them said they had been hacked in the past year. One expert called the finding "mind blowing."
NPR logo Survey: Data Breaches Have Almost Become 'A Statistical Certainty'

Survey: Data Breaches Have Almost Become 'A Statistical Certainty'

Over the past few months, it seems like we've heard about a relentless string of cyber attacks on everyone from Sony to the Central Intelligence Office. Now, a new survey conducted by Ponemon Research found that hackings are widespread, with 90 percent of the 583 U.S. companies surveyed saying they've been hacked in the last year.

PC World reports:

Nearly 60% reported two or more breaches over the past year. More than 50% said they had little confidence of being able to stave off further attacks over the next 12 months.

Those numbers are significantly higher than similar surveys and suggest that a growing number of enterprises are losing the battle to keep malicious intruders out of their networks. "We expected a majority to say they had experienced a breach," said Johnnie Konstantas, director of product marketing at Juniper[, the firm that commissioned the survey].

"But to have 90% saying they had experienced at least one breach and more than 50% saying they had experienced two or more, is mind blowing," she said. It suggests "that a breach has become almost a statistical certainty," these days.

The New York Times reports that 60 percent of the respondents said they identified the source of the attack and perhaps not surprisingly, 34 percent were traced back to China and 19 percent to Russia.

Here are a couple more highlights from the report (pdf):

— The cost of an attack can be significant: "When asked to consider cash outlays, internal labor, overhead, revenue losses and other expenses related to the security breach, 41 percent of respondents report that it was $500,000 or more"

— "As a result of these multiple breaches, more than one-third (34 percent) of respondents say they have low confidence in the ability of their organization's IT infrastructure to prevent a network security breach."