Could a data breach ruin your company?
In this Age of Digital, many Small Medium Businesses (SMB) and larger enterprises have to constantly be on the lookout for potential security and data breach threats.
A data breach in an SMB or enterprise is defined as an event where a brand’s name is potentially at risk, either in electronic or paper format. The 2016 Ponemon Institute Cost of Data Breach study identified three main causes of a data breach:
- a malicious or criminal attack
- a system glitch
- human error
The cost of a data breach can vary according to the cause, the systems in place to safeguard your company and the amount of lag time hackers have when accessing your systems undetected.
The Cost of Data Breach study was based on 383 companies in 12 countries. South Africa’s data breach incidents throughout 2016 were analysed for the first time. Other countries included France, Brazil, the United Kingdom, the United States of America, Germany, Australia, the Arabian region (the United Arab Emirates and Saudi Arabia) and Canada.
7 global megatrends in the Cost of Data Breach research
Certain ‘megatrends’ have been revealed when studying the data breach experience of over 2,013 organisations in every industry over the years.
1. Cost of data breach has not fluctuated
Since inception of this research, the cost of a data breach has not fluctuated significantly. This could indicate that companies have taken on more agile security in line with their data protection strategies.
2. Biggest consequence of data breach
The biggest financial consequence experienced by organisations is lost business.
3. Most common data breaches
The majority of data breaches continue to be as a result of criminal and malicious attacks. Unfortunately, such attacks take the most time to detect and contain, and have the highest cost per record.
4. Amount of lag time vital
The longer it takes to detect and contain a data breach, the more costly it becomes to resolve.
5. Industries with the most expensive data breaches
The most costly data breaches are in regulated industries, such as healthcare and financial services. This is because of the higher-than-average rate of lost business and customers, as well as fines.
6. Reducing the number of data breaches
Improvements in data governance programs such as incident response plans and the appointment of a CISO have resulted in cost savings.
7. Investments in certain data loss prevention controls reduced the cost of a data breach
Data loss prevention measures such as encryption and endpoint security solutions are crucial for preventing data breaches. The study revealed a decrease in the cost of a data breach when threat sharing and data loss prevention technologies were used.
Average cost of a data breach
According to research in the study, the average cost of a data breach is $4 million (up from $3.8 million in the 2015 study). This, however, varies according to size of company as most SMBs are attacked by cybercriminals, while data breaches in large enterprises and corporations are attacked by ‘hacktivists’.
The report shows a 29% increase in the total cost of a data breach since 2013. The average cost per lost or stolen record is $158.
3 ways to prevent a data breach in the future
1. Implementing agile security measures
Implementing certain software such as a CERTASSURE code signing certificate can prevent a data breach in the following two events:
- A software publisher planning on distributing code or content over the internet.
- A software publisher planning on distributing applications via corporate intranets.
Applications signed with a code signing certificate show customers that the code comes from you and has not been altered or tampered with since it was created and signed.
2. Better employee training
Increasing staff awareness of potential attack vectors, such as phishing or social media scams can significantly reduce the possibility of a data breach. The study found that training lowered the cost of a data breach by $9 per record.
3. Balance between day-to-day operations and security spending
Kaspersky’s report entitled, “The financial impact of IT security on U.S Businesses: IT Security Risks 2016” commented that throwing money at a security issue problem would not guarantee success a data breach-free environment. Instead, companies need to find a balance between security spending and day-to-day operations.
Reducing the impact of the financial implications of a data breach can be ensured with better employee training and awareness.
To read the entire 2016 Ponemon Institute study click here.
CERTASSURE Inc. is a specialist provider of next-generation SSL and digital signed certificates. Founded to provide small, medium and large enterprises with trusted, easy-to-use and scalable solutions, CERTASSURE Inc.’s business model is centred on its customers and people that serve its customers. Prizing simplicity, value and support for each client, CERTASSURE goes the extra mile to understand their unique operational and industry requirements and turn limitations into opportunities to deliver the most valuable SSL solution.
Get in touch with CERTASSURE