Continuing yet again to highlight great information found in the “2009 Annual Study: Cost of a Data Breach” by the Ponemon Institute, and sponsored by PGP, another good takeaway concerns malicious attacks versus insider negligence.

Most folks aren’t surprised to hear that malicious and criminal attacks are more expensive (more damaging) than insider negligence or systems glitches, by a score of $215 to $154/$166 (page 5 of the report). In fact, the most intense focus tends to be on the “attack of the bad guys.”

According to the report, 24 percent of all breaches studied involved a malicious or criminal attack. So, from a damage standpoint, it’s very important to safeguard against such malicious, purposeful attacks.

But there’s an interesting second side to that coin. If 24 percent of cases involved a malicious or criminal attack, then presumably 76 percent did not. That is, 76 percent of cases involved insider negligence, system glitches, and so forth. So, from an odds standpoint, it’s “three times more important” to be wary of insider negligence, system glitches, and other non-malicious events.

And, the core technology used to safeguard against both malicious and non-malicious data breach is the same. Encrypted data is encrypted data, and trackable laptops are trackable, malicious intent or otherwise.