Return on Investment

- - posted in ROI | Comments

Data Breaches

  • Lost Customer Information: What Does a Data Breach Cost Companies?, Ponemon Institute Survey sponsored by PGP Corporation, PDF. The Ponemon Institute’s benchmark study, sponsored by PGP Corporation, examines the costs incurred by 14 companies that experienced a data breach. Results were not hypothetical responses to possible situations; they represent cost estimates for activities resulting from data loss incidents.

Application Quality

  • Tangible ROI Through Secure Software Engineering, Soo Hoo K, Sudbury AW, & Jaquith AR, Secure Business Quarterly, 5 pp, Q2 2001, PDF. Securely engineering software to proactively fix problems has a concrete value. In this study of investments in security made during the design phase the authors show that ROI can be up to 21 percent.
  • The Economic Impact of Cyber Attacks, Cashell B, Jackson WD, Jickling M, & Baird W, Government and Finance Division, Congressional Research Service, The Library of Congress, document RL32331, 45 pp, 1 April 2004, PDF. This report surveys the state of knowledge on the cost of cyber-attacks and the economics of information security.
    • First, we summarize several studies that use stock market capitalization as a measure of the cost of cyber-attacks to victim firms.
    • Second, we present summaries of the existing empirical data on costs attributable to cyber-crime and computer worms and viruses.
    • Third, we analyze the reasons for the lack of statistical data.
    • Fourth, we examine the efforts of the insurance industry to develop policies that cover cyber-risk.
    • Finally, we consider cyber-attacks as macroeconomic events.