Feeds

Intel reveals 'the billion dollar lost laptop problem'

Chipzilla's plan to rescue $bns spent on McAfee

SANS - Survey on application security programs

Intel is trumpeting a recent study that shows businesses and other organizations risking billions of dollars annually due to lost or stolen laptops. But worry not: it has a "third pillar" to prop up those losses.

"Looking at these results, you can barely fathom the significant financial impact of missing laptops," the general manager of Intel Anti-Theft Services Anand Pashupathy said in a release announcing the study.

"More astonishing," Pashupathy added, "considering the vulnerability of laptops and their data is that the majority of these companies aren't taking even basic precautions to protect them."

Intel, of course, has its own reasons for raising the specter of laptop security breaches — 7.68 billion reasons, to be exact. That's how many simoleans Chipzilla shelled out for security firm McAfee, which it acquired this August.

When discussing that acquisition with reporters and analysts, Intel CEO Paul Otellini said: "We have concluded that security has now become the third pillar of computing, joining energy-efficient performance and Internet connectivity in importance."

And so now Intel has released a study — "The Billion Dollar Lost Laptop Problem" (PDF) — that it conducted in conjunction with the independent privacy and information-security researchers at the Ponemon Institute.

The study surveyed 329 private and public US organizations, which taken together reported a total of 86,455 lost or missing laptops.

Those numbers are firm. The total dollar amount put at risk by those lost, missing, or stolen laptops is a bit fuzzier, however — that is, if you consider statistical wizardry such as Bayesian probabilistic analysis to be fuzzy.

Speaking with reporters in San Francisco on Thursday, the Ponemon Institute's chairman and founder Larry Ponemon said that a 2009 study he conducted entitled, appropriately enough, "Cost of a Lost Laptop" (PDF), determined that an organization would be out an average of $49,246 per lost laptop.

That survey's cost average was a weighted one, calculated to reflect such factors as different combinations of encryption and confidential material in those 86,455 missing laptops. The costs — stat-speak for "risks" — includes such factors as "replacement cost, detection, forensics, data breach, lost intellectual property costs, lost productivity and legal, consulting and regulatory expenses."

Ponemon was clear that such a high weighted average doesn't indicate that most — or even many — laptops are of that value. "In some cases, a laptop is going to contain no information," he told reporters, "but in some cases it's going to contain the trade secrets of the universe. The probability of that laptop being lost or stolen is probably very low, because there's very few laptops that would fall into that category.

"So when we actually calculate the number — the average — there are some laptops that are probably unbelievably expensive, millions of dollar of potential loss, because that laptop is unique. But many laptops, the majority of laptops, are not that expensive."

Despite those caveats, the report claims that the total amount at risk in the 329 organizations surveyed is "a staggering $2.1bn."

Joining Ponemon at Thursday's event was Intel's chief information security officer Malcolm Harkins, who said that it was the rare user who even knew that there was valuable or confidential information on his or her laptop. "When you ask somebody, 'Hey was there anything sensitive on [your laptop]?'," he said, "most of the time you get the answer of 'No'. Probably 75 per cent of the folks don't really recognize that they have sensitive content on there."

High performance access to file storage

Next page: More than data loss

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Putin tells Snowden: Russia conducts no US-style mass surveillance
Gov't is too broke for that, Russian prez says
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Heartbleed exploit, inoculation, both released
File under 'this is going to hurt you more than it hurts me'
Arts and crafts store Michaels says 3 million credit cards exposed in breach
Meanwhile, Target investigators prepare for long process in nabbing hackers
Canadian taxman says hundreds pierced by Heartbleed SSL skewer
900 social insurance numbers nicked, says revenue watchman
prev story

Whitepapers

SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.