• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About
    • Secure360
    • UMSA
    • Get Involved
  • Events
    • Secure360 2021
    • Student360
    • Past Events
      • 2020 Secure360 Twin Cities
      • 2020 Student360
      • 2019 Secure360 Twin Cities
      • 2019 Student360
      • 2018 Secure360 Twin Cities
      • 2018 Secure360 Wisconsin
      • 2018 Student360
      • 2017 Secure360 Twin Cities
      • 2017 Student360
      • 2016 TC Secure360 Conference
      • 2015 Secure360 Conference
      • 2014 Secure360 Conference
      • 2013 Secure360 Conference
        • 2013 Secure360 Conference Speaker Presentations
      • 2012 Secure360 Conference
  • For Sponsors
    • Secure360 Twin Cities
    • Student360 Sponsors
  • For Speakers
    • Secure360 Speaker Details
    • Student360 Speaker Details
  • Blog
  • Nav Social Menu

    • Facebook
    • LinkedIn
    • Twitter
    • Vimeo

Secure360

The true costs of a data breach

November 28, 2012 by Secure360 and UMSA

It is time to shed the “it can’t happen to me” mentality about data breaches. We hate to be the bearers of bad news, but yes, it can. Data breaches are on the rise; in fact, in a study done by Ponemon, 54% of respondents had experienced at least one data breach in the past year.

Despite the reports, many businesses, especially small to medium sized businesses (SMBs), underestimate the true cost of a data breach. This optimistic bias makes companies a great target for criminals because their systems are not adequately prepared for an attack.

Here are five things to consider about the true cost of a data breach:

With virtualized storage and servers, no breach is a small breach.

Virtualized storage and servers are amazing business tools, but they come with a lot of risk. If implemented insecurely, they present an all-you-can-eat buffet for hackers; with one breach criminals could have access to a majority of a company’s confidential information.

Virtualization is becoming a necessity to run a business, so you can’t completely avoid the risks, but you can take precautions to protect yourself. A good starting point is to implement foundational security practices such as defense in depth, multi-factor authentication and awareness training.

The loss of customers

If a company loses customer information, its business will suffer; the damage often leads to a loss of customers, business partners, income, and reputation.

Here are three statistics from Ponemon regarding loss after a data breach in SMBs:

  • 42% of U.S. respondents stated they “lost customers and business partners”
  • 41% of U.S. respondents experienced an increase in the “cost of new customer acquisition”
  • 35% of U.S. respondents “suffered a loss of reputation”

Damage Control

Losing your customers is a real possibility after a data breach. Many companies end up having to hire a PR professional to do damage control, and because they intervene during a crisis, they can charge high fees.

Another costly form of damage control is offering incentives. In the wake of a data breach, companies often offer coupons or free items and services to keep people loyal.

A good example of how expensive damage control can be is Stratfor’s data breach in 2011. Stratfor, a geopolitical intelligence firm, had a data breach that resulted in 860,000 e-mail addresses and 75,000 unencrypted credit card numbers being stolen. The firm offered to pay for a one-year subscription to identity protection services for anyone affected by the breach and was the subject of a lawsuit.

When BYOD leads to a data breach

A bring your own device (BYOD) policy can lead to a couple of different kinds of data breaches. First, the device can end up in the wrong hands after being lost or stolen. With little work, due to stored passwords, a hacker can access company information. Second, an angry, terminated employee with company information on his/her computer could leak confidential information.

Despite the risks, BYOD is the way businesses are moving and it does prove to be productive for companies. To protect yourself against a breach, your company needs to have a strict BYOD policy and make sure employees are educated on the issues.

Don’t forget the lawsuits

If your data breach results in customer information being lost, you could lose big in court. Sadly, small businesses can even be ruined by a lawsuit.

This issue calls for more than just digital security. Your company should be up to date on your state’s laws regarding liability and have a liability statement in your client contracts.

Companies need to change their views on internet security. No company is immune to a data breach and companies need to protect themselves and their customers. Don’t be the company that pays attention after it is too late – an investment in security is an investment in the future of your company.

Filed Under: Business Continuity Management, Cybersecurity, Risk and Compliance

About Secure360 and UMSA

The Secure360 and UMSA team is made up of professionals in the security and risk management industries. Topics of expertise range from physical security, IT, risk management, cybersecurity, cloud, information security and records management.

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Categories

  • Uncategorized
  • Guest Posts
  • Business Continuity Management
  • News and Events
  • Physical Security
  • Cybersecurity
  • Professional Development
  • Risk and Compliance

latest tweets

  1. Marketing Envy
    Marketing Envy: [New Blog] 2020 saw in-person conferences evaporate, but with vaccines rolling out, 2021 could be different. H… https://t.co/4YONwZNsDa
    about 19 hours ago

  2. Secure360 Conference
    Secure360 Conference: We are honored to be listed on the Top 20 Cyber Conferences for 2021 -> https://t.co/MnrQ3E5ifw
    about 2 days ago

  3. Secure360 Conference
    Secure360 Conference: Fascinating stuff about the shift from brick & mortar to e-commerce, from Diamond Sponsor @cisco! https://t.co/4GaYGQKZ1a
    about 4 days ago

Footer

Contact

For more information about UMSA events, contact: Marie Strawser

Email List Signup

Join our email list for monthly Secure360 news and updates!




Join our tradeshow email list for updates on sponsorship opportunities and upcoming exhibitor deadlines.

Sponsored by:
© 2021 Secure360. All rights reserved.