Foreword

Malcolm Marshall
Partner

Data may be as valuable as gold, yet it can slip through your fingers like water...

Information has become one of the most critical assets of an organisation and, like physical property, needs to be carefully secured.

The last couple of years have seen a significant number of data loss breaches affecting millions of people, although the actual number of reported incidents fell in 2010. This trend is probably due to a combination of greater awareness and the introduction of tougher sanctions and regulations. For example; the Information Commissioner's Office (ICO) in the UK is now able to penalise organisations of up to £500,000 for breaches of the UK Data Protection Act.

However, as cyber-criminals become ever more cunning and sophisticated, and staff suffer lapses in concentration - or get tempted by crime themselves - you're only ever one leak away from a serious crisis. It's more important than ever to remain vigilant to avoid serious damage to your reputation, financial loss and regulatory fines.

The findings from this year's Data Loss Barometer; our research into worldwide reports of data loss incidents, show that the threat from hackers, malicious insiders and careless staff remains high.

Only by continuing to build new, improved safeguards, and developing a security-aware culture, can organisations keep one step ahead of those that seek to breach their defences.

Malcolm Marshall, Partner, Information Protection and Business Continuity, KPMG in the UK

Data Loss Barometer methodology

The Data Loss Barometer analyzes data loss incidents reported around the world since 2005. Such data is freely available in some countries thanks to legislation that ensures full disclosure of data loss incidents. In other countries, information is obtained via KPMG's network of international firms and consultants. Key information sources include the media, internet searches and independent news or data feeds.

Care is taken to use data only from reputable and independent sources. Availability, consistency and accuracy of information can vary between sources, countries and by type of incident.

A list of the information sources used is too large to include on this website but particular thanks should go to the Open Security Foundation who have provided invaluable support and information.

© 2012 KPMG International Cooperative ("KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved.