The Costs Of A Data Breach

The cost of a data breach is not only the monetary value of an incident, but also the loss of respect, the negative PR and the loss of commercial credibility for the business.
 
A severe data breach can be hugely detrimental to a company, particularly where stakeholders are concerned. IBM and the Ponemon Institute's annual Cost of a Data Breach report aggregates costs reported by 507 organisations, from 17 industries, from 16 regions worldwide.
 
Through interviews with 3,211 individuals, IBM and Ponemon collected data points regarding the number of customer records lost or stolen in breaches, how the company responded to the breach, and how their business fared after the breach. 
 
After analysing data breaches that happened across the world between April 2018 and April 2019, researchers at IBM reported that the average total cost of a data breach to a business is a phenomenal $3.92 million. They also found that companies in the US had the highest average cost of all countries, at around $8.19 million.
 
To reach these figures, the researchers considered the monetary losses that were incurred in the four areas involved in a data breach:
 
  • Detection and escalation – this refers to any costs resulting from detecting and reporting a cybersecurity incident, such as auditing and investigation.
  • Notification – this aspect includes the financial cost of having to notify people of the incident, such as time spent making calls or writing letters to customers.
  • Response – this relates to the costs involved with the company’s response to the breach. This could be anything from legal advice to free gifts and discounts for customers.
  • Business losses – when a breach occurs, it will usually cause disruption and even downtime to a business. This area relates to the loss of revenue experienced as a result.

The Cost of Losing Credibility
 
Even if a business survives the financial difficulties that are associated with a data breach, there are further problems to contend with. A major cyber security incident can often deter new and even existing customers, who feel that their personal information is not in safe hands with your company.
 
For small businesses in particular, this damaged reputation can be extremely hard, or even impossible, to recover from.
 
Rebuilding a business reputation is vital in order to attract new customers, and keep existing clients on the books. After a breach, these stakeholders need to know that the business has taken the incident seriously, and is doing as much as possible to guarantee the protection of sensitive information going forwards.
 
Damaged Stakeholder Relationships
 
As customers lose faith in a business after a data breach, so may other stakeholders, including investors and employees. The cost of these damaged relationships can also be profound, as these individuals, who are imperative to the business’ existence, may seek to part ways. 
 
A data breach can lead to discontent or even the departure of key employees, particularly if it was their personal information that was leaked. 
 
Such an incident will certainly lead to doubt and anxiety, causing employees to be distrustful of the employer. The publicity of such a data leak is also likely to put off potential new recruits in the future.
 
Where investors are concerned, many are likely to lose faith in the company simply because a breach has been allowed to happen. This is because a data breach demonstrates that the business is vulnerable, and ill-prepared for cyber-attacks.
 
The Real Cost Of A Data Breach
 
Taking into account the financial, credibility, and relationship implications of a data breach, it’s clear that the cost of this kind of incident can be severely damaging. For SMEs in particular, which may have a small budget and therefore less of a defence against cyber-crime, the costs can even lead to bankruptcy. Sadly, cyber criminals are all too aware of this, and are often known to target smaller businesses.
 
The true cost of a data breach will entirely depend on the nature of the attack, and the damage it has caused. Cyber criminals want different things, and while the overall goal is usually financial, this cost may not always be crippling. Many companies find that the damage a breach causes to their reputation is actually more detrimental than the immediate monetary costs involved.
 
The best defence against a data breach is to put in place adequate shields against cyber-crime, before one happens. This should include the use of quality security software, data encryption, and educating your staff about staying protected online.
 
Sources: IBM, CPO Magazine, Data Insider
 