OSAC - Identity breach risk accelerates:
Article ID: D141380
Flaws in identity management have huge impact
Security breaches resulting from identity management flaws are rising and creating huge problems for businesses, research shows. Identity management breaches affected one in 10 large companies last year, and half of them said it was their worst security problem of the year, according to the Department of Trade and Industry's biennial Information Security Breaches Survey 2004.
The identity management part of the survey, sponsored by Entrust, found that confidentiality breaches tended to cause long term disruption to businesses, with 15 per cent of those that had been hot, reporting problems that lasted a month or longer.
'If you compare the problem of identity management to viruses, it's not growing as fast so the number of organisations that have had a major breach resulting from identity management is not as large,' said Chris Potter, the PricewaterhouseCoopers partner leading the survey.
'However, the large sting in the tail is that when people suffer financial fraud, theft or disclosure of confidential information, these breaches tend to be very, very significant to their business,' he said.
Confidentiality breaches resulted in the largest amount of staff time required to remedy the problem, at 10 to 20 man days. They also resulted in the largest monetary loss with 15 per cent costing £100,000 in legal fees, investigation costs and fines."
As this article states: The organizations are bringing this upon themselves because they have not implemented new technologies and basic controls. For more information on this growing operational risk see "Six Ways to Mitigate the Risk of Corporate Identity Theft"