Data breaches are occurring at record pace in 2017 in the United States and other parts of the world. Taking preventive measures, such as locking down your network, using security software, and creating strong passwords, can make it much harder for cybercriminals to infiltrate your business. However, despite your best efforts to prevent a data breach, your company might still experience one. This is partly due to the fact that data breaches are not always the result of cyberattacks. They are also caused by human error, system glitches, and malicious insiders.
Being prepared for a data breach can significantly reduce the costs incurred from one. According to the “2017 Cost of Data Breach Study“, the top three preparations are:
- Setting up an incident response team to initially create an incident response plan and then implement it if a breach occurs
- Extensively using encryption to ensure that data is secure when it is being transmitted and stored
- Training employees to recognize potential problems and letting them know who to contact in the event they suspect a breach has occurred
To understand the extent to which these preparations can reduce costs, you first need to look at the average cost of data breaches.
The Average Cost of Data Breaches
For more than a decade, the Ponemon Institute has been researching the financial impact of data breaches by studying companies that have experienced them. In the “2017 Cost of Data Breach Study”, which was sponsored by IBM Security, more than 400 organizations from around the world participated in the research. The size of their breaches ranged from approximately 2,600 to 100,000 compromised records.
The researchers discovered that the average cost per compromised record is $141 (USD). This figure might not sound too bad until you do the math. If your business has 5,000 records, a breach could cost you $705,000. The study found that the average number of records in a data breach is 24,089, which means a cost of $3.4 million.
The average cost per compromised record is derived from direct expenses, such as the money spent on hiring forensic experts and providing free credit monitoring to customers. It also takes into account indirect expenses, such as the extrapolated cost of lost customers. The cost of lost customers is important to include considering that it is much more expensive to acquire new customers than keep existing ones.
How Much Money Businesses Can Save by Being Prepared
Being prepared for a data breach offers many advantages. It often leads to a faster reaction time when one occurs, better coordination between the individuals responsible for dealing with the event, and more effective communication, especially with customers. Plus, being able to tell customers that the compromised data was encrypted and thus useless to anyone who acquired it can go a long way in keeping their trust and their business.
The “2017 Cost of Data Breach Study” quantifies the benefits of the top three preparations as follows:
- Setting up an incident response team saves an average of $19 per record
- Extensively using encryption saves an average of $16 per record
- Training employees saves an average of $13 per record
So, if you make all three preparations, you can reduce the cost per record to $93 ($141 – $48), which will result in substantial savings. For example, if your business has 5,000 records, the breach would cost you $465,000 instead of $705,000.
The results of “2017 Cost of Data Breach Study” highlight the importance of being proactive when it comes to data breaches. Besides implementing security measures that will help your business avoid data breaches, you also need to be prepared in case a breach occurs. We can help you on both fronts.