Following recent news that three major South Korean
credit issuers have been suspended by the country’s financial watchdog due to a
massive data breach, this blog will look into the real cost to business of a
data breach.
For the 6th year running the average UK data
breach cost has risen – this time by 16.5% from £1.75m to £2.04m in 2013. As a
result the danger of a breach is back on the agenda for most data centric
organisations. According to the latest research by Symantec Corp. & Ponemon
Institute in the 2013
Cost of Data Breach Study, the average UK firm could be
liable for costs of over £2 million should it fall foul to employee negligence
or malicious attacks.
The prospect of private customer data getting into the
wrong hands is becoming an increasingly concerning reality for many organisations
across the UK and abroad. The costs involved in protecting data from a breach
are not insignificant, but should a breach occur, the bill can be much larger.
Recent discussions have seen EU Justice Commissioner, Viviane Reding, push
for much tougher fines for institutions
breaching EU data privacy laws. She is quoted as saying that under
her new plans for privacy failings, Google would owe $1bn for breaking
Spanish data protection laws.
So with Governmental and regulatory
pressure along with hiking costs, the heat is on organisations to protect
vulnerable databases and educate employees in safeguarding vital data from
catastrophe.
According to the report, the most costly data
breaches are those malicious and criminal, as with the recent South Korean
breaches - where it is believed a temporary employee of the KCB stole data via
a USB stick and sold the information to phone marketers.
Across all nine countries covered by the research,
malicious and criminal attacks are a key factor in 34% of all cases surveyed. The
number of breached records per incident averaged at 23,647, with German and U.S
companies having the most costly breaches at $199 and $188 per record,
respectively. Organisations most
susceptible to data breaches include those in the financial, pharmaceuticals
and communications industries, partly due to the sheer amount of data these
industries hold.
However, it is concerning that employee negligence continues to be the most common
cause of data loss. This involves anything from employees losing devices
containing confidential information to failing to adhere to best practice and
securing data as it is received by the business. With employees increasingly
exploiting the trend of BYOD and with data being transferred unsecured across
the internet, lost on USB or other portable devices or misplaced within
personal devices – it is vital that any incident response plan accounts for
these types of external mishaps in addition to the protection of internal data.
The on-going costs related
to business reputation are also considerable.
The study reveals that fewer customers are remaining loyal to businesses
that have been the subject of a breach which resulted in a loss of information.
Increasingly, companies dealing with a previously ‘breached’ organisation are
taking their business elsewhere.
It is therefore critical
that businesses take the appropriate measures to reduce the impact of potential
breaches - including training employees and having an incident response plan in
place should anything untoward occur. Implementing these measures well in
advance will reduce the cost to the business in the long run.
1 comments:
According to research, in 2015 the average total cost of a data breach for the participating companies increased 23 percent over the past two years to $3.79 million. That means that no sector, network, or system is immune to all threats. The result is that companies are investing record amounts to protect themselves from system breaches. To a word about data security, regarding my personal experience in this matter, I need to say that the most reliable service for data sharing is VDR, and no doubt, the most reliable provider is iDeals virtual data room software.
Post a Comment