What will a data breach cost your business? (and how to prevent one)
With our growing dependence on technology, big data breaches are more common than ever. Between January 2005 and today, there have been over 11,000 breaches with more than 1.6 billion records exposed, according to the ID Theft Resource Center.
And all these breaches cost money. You probably already know that breaches are expensive, but do you know exactly how much they cost?
The largest data breach in history was a hack on 500 million Yahoo accounts in 2013. This data breach cost Yahoo $350 million, and ultimately helped put an end to a company once valued at $125 billion. (They were sold to Verizon for a sad $5 billion, one of the worst deals in tech history.)
Cyber Criminals Don’t Discriminate
Big corporations aren’t the only target. In fact, small businesses make up 58% of data breaches, according to a 2018 report by Verizon. And according to the US government, cyber criminals simply go after vulnerable systems regardless of whom they belong to.
Cost of a Data Breach
Each report of a cyberattack can cost a small business tens of thousands of dollars (not including the post-breach cost of lost business), which means a small business with no insurance can end up in bankruptcy. This is likely the reason why 60 percent of small and medium-sized businesses fold within six months of a data breach, according to Inc.
The cost of a data breach is different for every organization, but between industry fines, forensic investigations, card replacements costs, and more—no matter what way you slice it, it ain't cheap.
If you don't have insurance, breaches hit you where it hurts most—your wallet. The actual cost per compromised record depends greatly on your industry, averaging out at $242 per record in the US, and $150 globally.
If your business is in healthcare, you're out of luck—those records average $429 per hit, the highest of any industry. This is followed by financial services at $210 per record, technology at $183, and pharmacutical companies $178.
If you’re worried about your business, IBM has a data breach calculator that will help you explore the impact a breach will have on your business, based on your risk factors.
Additional Costs
A breach isn't just damaging in terms of the fines you might have to pay. There are many other factors that cost your business money, including:
Disrupted Productivity
In 2016, it took an average of 62 days from intrusion for a company to detect and remediate the breach, according to Statista. That's almost two months of lost productivity as you worry about the legal, technical, and financial ramifications of the breach.
Lost Customers
When customers learn that a business has been compromised, they tend to stay away. This opportunity cost is enormous. The average company in the US suffers $4.13 million in lost business from customers avoiding it after a breach, and, according to Business Insider, 76% of people said they would move away from companies with a high record of data breaches.
Reputation Damage
Obviously, a breach is detrimental to an organization's brand and reputation. For larger companies, a PR firm is needed to mend relations via the media, and keep customers and stakeholders informed in the aftermath of the breach, all costing you money.
How do you prevent data breaches?
There isn't an ecommerce business in the world that doesn't collect and store personal information about customers. That's why theft and loss of private information is on the rise—these are attractive targets.
All businesses, regardless of size, should take the necessary precautions to prevent a data breach. Here are some tips to help minimize the risk of a data breach, and what you can do to protect your business.
Secure All Computers: Require password protection for all computers and the use of strong passwords that must be changed on a regular basis. Also, don't store your personal information on a computer that is connected to the internet unless it’s necessary for your business.
Keep All Software Up-To-Date: Use firewalls, PCI and scanning services, anti-virus and anti-spyware software and make sure they are all up-to-date on a daily basis.
Educate & Train Employees: Establish a written policy about privacy and data security and communicate it to all employees. Make sure your employees know which types of information are sensitive or confidential and what their responsibilities are to protect that data.
Data Breach Insurance: Data breach insurance and cyber liability insurance help protect you in the event of a data breach. These services can help cover costs involved, including fines and assessments, credit monitoring, hardware upgrades, forensic exams and more depending on the coverage you choose. Getting data breach coverage is important because quick action is imperative to help restore both your reputation and your business after it has been damaged by a cyber attack.
Wrapping up
When it comes to data breaches in today’s society, the odds are against any business regardless of size. Take precautions to reduce your chances of getting attacked by keeping your business and your customers safe.
This post was updated in January 2020.