Ponemon Institute
Sign Up for the Ponemon News Feed for special reports and important updates regarding privacy and security

News & Updates

Ponemon Institute is pleased to announce the release of Flipping the Economics of Attacks, sponsored by Palo Alto Networks. In this study, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. As revealed in this research, while some attackers may be motivated by non-pecuniary reasons, such as those that are geopolitical or reputational, an average of 69 percent of respondents say they are in it for the money.


Tag: Cyber Crime
eGov Initiative Not Without Risk to Citizen Data
November 19, 2009, 7:36 am

The eGovernment movement is a good thing, and maybe too long in coming given how many years businesses have been taking advantage of technology to provide convenience and a higher quality of service to their customers. Constituent services have been available online for years, certainly, but only recently has the effort to modernize government been policy.

Yet the push to digitalize federal agencies is not all photo ops and campaign sound bites. There’s risk involved, and unless that risk is acknowledged and addressed up front, the information that our government collects about its citizens – information we are often compelled to provide – may be in danger of compromise to negligence, malicious insiders, or cyber criminals.
That conclusion is not only one that any rational observer of data security and data privacy issues could have drawn through simple deduction, but it has been confirmed by a recent study the Ponemon Institute conducted.
Sponsored by CA, we talked to more than 200 senior IT professionals working for a variety of federal agencies to gauge their feelings and confidence related to the kinds of technologies being adopted by the feds and how data security might be affected. The results, as released in our Cyber Security Mega Trends study?
§ 79% of respondents see the rise in the use of collaboration tools as significantly increasing the storage of unstructured data sources that contain confidential or sensitive information that is not adequately protected or secured.
§ 71% of respondents believe that cyber terrorism is on the rise and this trend poses a very serious threat to the protection of proprietary systems as well as our nation’s critical infrastructure.
§ 63% see the mobility of the government workforce as contributing significantly to endpoint security risks as a result of a plethora of insecure mobile data-bearing devices that are susceptible to malware infections and botnet attacks.
§ 52% of respondents say that Web 2.0 applications such as social networking, social messaging, blogging and wikis contribute to the leakage of confidential or sensitive information as well as susceptibility to malware and botnet attacks.
It all adds up to an acknowledgement on the part of those individuals tasked with managing and protecting citizen data that there’s a great deal of risk involved in the digitization of federal processes. That doesn’t mean that we shouldn’t continue to make progress in dragging constituent services into the 21st Century, but what it does mean is that these eGov initiatives must be undertaken with proper consideration given to the security of sensitive personal information.
When we file our taxes, participate in a census, or register for one of the many benefits to which we may be entitled, we do so with the expectation that our public servants will give proper care and respect to the information entrusted to them.
Given the results of the Cyber Security Mega Trends study, we would all do well to question whether that trust is well placed.
Cost of a data breach climbs higher
March 8, 2011, 10:00 am

Most privacy advocates and people in the data protection community believe that data breach costs will start coming down eventually because consumers will become somewhat immune to data breach news. The idea is that data breach notifications will become so commonplace that customers just won’t care anymore.

Second annual cost of cyber crime study is released
August 2, 2011, 11:04 am

Today we released our Second Annual Cost of Cyber Crime Study.  Our findings support other research studies suggesting increases in the frequency, severity and overall cost of cyber attacks on private and public sector organizations. Our study is sponsored by HP ArcSight.  I would be very pleased to discuss this year's findings, framework and research methods.  Please feel free to call us directly or send an email to to schedule a one-to-one meeting.

The Human Factor in Data Protection
January 12, 2012, 12:00 am

(Click to download study) Ponemon Institute is pleased to present the results of The Human Factor in Data Protection. Sponsored by Trend Micro, this research focuses on how employees and other insiders can put sensitive and confidential information at risk and what organizations are doing to reduce this risk.

2011 Second Annual Cost of Cyber Crime Study Benchmark Study of U.S. Companies
August 10, 2011, 10:01 am

(Click to download study) Despite widespread awareness of the impact of cybercrime, cyber attacks continue to occur frequently and result in serious financial consequences for businesses and government institutions. 


2015 Cost of Cyber Crime Study: United States
October 9, 2015, 9:00 am

We are pleased to present the 2015 Cost of Cyber Crime Study: United States, the sixth annual study of US companies.  Sponsored by Hewlett Packard Enterprise, this year’s study is based on a representative sample of 58 organizations in both the public and private sectors. While our research focused on organizations located in the United States, most are multinational corporations.

The complete report is available for download.

Flipping the Economics of Attacks
February 17, 2016, 12:00 am

In Flipping the Economics of Attacks, we look at the relationships between the time spent and compensation of today’s adversaries and how organizations can thwart attacks. 

The complete study is available for download.

2016 Cost of Cyber Crime Study & the Risk of Business Innovation
February 6, 2017, 12:00 am

We are pleased to present the 2016 Cost of Cyber Crime Study & the Risk of Business Innovation sponsored by Hewlett Packard Enterprise. This year’s study on the annual cost of cyber crime is based upon a representative sample of 237 organizations in six countries. 

2017 Cost of Cyber Crime Study
October 1, 2017, 12:00 am

Ponemon Institute is pleased to announce the release of the 2017 Cost of Cyber Crime report. Ponemon Institute conducted the first Cost of Cyber Crime study in the United States eight years ago.

Security (23)
Privacy (22)
global security (1)
Providers (1)