Press Release

Kaspersky Lab Global Survey Shows Third-Party Disclosure of a Data Breach is Often Unavoidable

The Study Found 73 Percent of Companies Were Obligated by a Third-Party to Disclose Security Breach Information

Woburn, MA – October 23, 2013 - The Global Corporate IT Security Risks 2013 survey, conducted by Kaspersky Lab and B2B International, found that 73 percent of companies were obligated by a third party to disclose information about a security breach. The survey also found that once a data breach occurred, 53 percent of companies experienced damage to their reputation.

Public disclosure of information regarding IT security incidents is often inevitable.The Kaspersky Lab study revealed that on average, 44 percent of companies that suffer a data breach are forced to disclose the incident to clients who might potentially be affected. Also, 34 percent informed their business partners, 33 percent informed their suppliers, and 27 percent reported to regulators. Lastly, 15 percent of companies were obliged to disclose details to the media.

In addition, the survey results also revealed that large companies more frequently disclose details about IT security incidents to third parties. These organizations must primarily report to regulators, clients, and the media. The need to disclose this type of information risks causing substantial damage to corporate reputations. Often times, disclosure is also associated with financial losses in the form of fines imposed by regulators, and compensation for related losses incurred by clients and partners.

Since regulators, contractual obligations to clients and partners, and other factors often do not permit a company to keep information about data breaches confidential, the only real way to avoid this type of damage is to prevent an IT security incident from happening in the first place — by building a secure, protected IT infrastructure.

Preventing data leakages
A solid strategy for maintaining the security of an IT infrastructure means, first and foremost, using an advanced security platform such as Kaspersky Endpoint Security for Business. This platform provides anti-malware protection against complex targeted attacks and real-time threats across the entire company IT infrastructure - physical, mobile and virtual - together with security systems management, control and encryption tools. This level of security, in combination with employee education about IT threats, can form the foundation of an action plan guaranteeing the highest level of protection against cyber-attacks.This strategy will also help lower the risk of financial loss and reputation damage resulting from a security breach.

About Kaspersky Lab
Kaspersky Lab is the world’s largest privately held vendor of endpoint protection solutions. The company is ranked among the world’s top four vendors of security solutions for endpoint users*. Throughout its more than 15-year history Kaspersky Lab has remained an innovator in IT security and provides effective digital security solutions for large enterprises, SMBs and consumers. Kaspersky Lab, with its holding company registered in the United Kingdom, currently operates in almost 200 countries and territories across the globe, providing protection for over 300 million users worldwide. Learn more at http://usa.kaspersky.com.

* The company was rated fourth in the IDC rating Worldwide Endpoint Security Revenue by Vendor, 2011. The rating was published in the IDC report "Worldwide Endpoint Security 2012–2016 Forecast and 2011 Vendor Shares (IDC #235930, July 2012). The report ranked software vendors according to earnings from sales of endpoint security solutions in 2011.

For the latest in-depth information on security threat issues and trends, please visit:

Securelist | Information about Viruses, Hackers and Spam
Follow @Securelist on Twitter

Threatpost | The First Stop for Security News
Follow @Threatpost on Twitter

Media Contact
Sarah Bergeron
781.503.2615
sarah.bergeron@kaspersky.com