A data breach is, unfortunately, a common occurrence in 2019. Countless companies and governments around the world have suffered ransomware attacks and DDoS attacks that have left them helpless to deal with the damage at hand. It’s come to the point that these data breaches can cost companies millions of dollars in damages. There are multiple reasons for this. The first is obvious, sometimes the data they lose is too valuable to let go of; hence they find it easier to pay people off and get the data back. Yes, this is risky because there is no guarantee, but in their helplessness, they don’t have a choice.
On top of that, repairs need to be made to the system, and upgrades need to be made as well. The Australian government, for instance, is coming down hard on its state governments for not updating their online security systems. The US government is doing the same, and in every evaluation, the security systems are found wanting.
The average cost of a data breach by industry was listed in Fortune magazine in 2016, and it varied significantly. However, it hovered between the 2 and 3 figure limits. So, why do some data breaches cost millions if this is the case?
Well, according to a study by IBM Security and Ponemon Institute, an average data breach can cost $3.86 million. Mega data breaches which result in the loss of 1 million to 50 million records can cost between $40 million and $350 million.
These numbers were arrived at through interviews with officials at five hundred companies that had experienced data breaches and collected information on hundreds of cost factors. The costs include legal fees, reputation losses, and the cost of investigations.
This is why there’s such a tremendous range of costs involved in data breaches. Look at how much trouble Yahoo! got into when it broke the news that over a billion of its accounts had been compromised right when it was being acquired by Verizon. That snafu resulted in Verizon shaving $350 million off their original price of $4.8 billion (proposed in 2016). The average cost of a mega-breach is estimated at $118 million. Yahoo! was finally acquired by Verizon for $4.48 billion this year.
The amount of mega breaches is also increasing every year. According to the IBM and Ponemon study, there were a total of 9 mega breaches in 2013. That number increased to 16 in 2017.
Some ways of minimizing risks and costs of data breaches are to have a CERT (Computer Emergency Response Team) ready. They minimize the losses in a cyber attack, encrypt your data records, and always have a backup. This increases the likelihood that your data loss isn’t permanent, and finally trains your employees to handle and respond to data breaches so that the chances of detection and effective, timely responses increase.
Most companies have no idea how data breaches can cost so much, knowing where the costs lie, and how to reduce them, can help companies invest their resources more strategically and lower the enormous financial risks at stake.
When it comes to data breaches in today’s fast-paced tech-everything society, the odds are stacked against any business, particularly those who are operating in regulated industries. For those organizations leaving themselves vulnerable to an attack, it seems it is no longer a case of if a breach will happen, but rather when a breach will occur.
