
IMPLICATIONS AND CONSEQUENCES OF A DATA BREACH ON A BUSINESS

TALK TO US ABOUT THE IMPLICATIONS & CONSEQUENCES IN THE EVENT OF A DATA BREACH ON YOUR BUSINESS

THE CONSEQUENCES AND IMPLICATIONS ON YOUR BUSINESS IN THE EVENT OF A DATA BREACH

A DATA BREACH CAN COST YOU AND YOUR COMPANY IN BOTH THE SHORT AND LONG TERM

The financial costs that can result from a data breach can be classified as either direct or indirect. Direct costs include hardening systems, paying fines and resolving possible lawsuits. Indirect costs include loss of existing customers, a decrease in revenue due to a damaged reputation, etc. This monetary loss does not include the direct consequences of the actual compromised data, which could expose company IT secrets, proprietary tool information, and more. All of this greatly affects the public opinion of your company and how your customers perceive your ability to protect their sensitive information.

One example is the high-profile data breach of Sony's systems in 2014, which resulted in an estimated cost of $35 million. This figure includes both obvious sources of monetary loss such as establishing more secure systems, conducting investigations, paying fines, dealing with lawsuits, hiring contractors and forensics personnel to harden the infrastructure, as well as hidden costs, which are less obvious. These hidden costs include a decrease in business revenue due to a decline in purchases from customers, which is related to a decrease in positive sentiment towards the business from its customers. Both costs can significantly impact the bottom line of your business.

Depending on the industry, hidden costs may be more or less significant with regard to the overall monetary loss associated with a data breach. For instance, highly regulated industries such as the healthcare industry may have significantly greater fines associated with a data breach. One example is the $1.7 million that managed-care company WellPoint had to pay for not providing proof of due diligence to keep their databases secure.

DAMAGED REPUTATIONS

IN 2015, A SURVEY FOR TRUSTE DATA PRIVACY MANAGEMENT SOLUTIONS, CONDUCTED BY IPSOS, FOUND THAT CUSTOMER CONCERN FOR DATA SECURITY WAS AT AN ALL-TIME HIGH, AT 92 PERCENT

Perhaps as important as the service provided - and the revenue obtained - is the brand reputation of a business. Failing to uphold proper information security standards may result in a data breach, which may result in a significant loss of revenue due to an increased negative sentiment from customers who were affected, and potential customers who choose to put their trust in another company.

Due to the wide array of personal information that businesses routinely collect from customers, it is imperative - from a legal, moral and ethical standpoint - that businesses take every precaution necessary to safeguard the sensitive customer data that they have been entrusted with. Surveys also indicate that businesses were impacted due to this lack of customer trust - the impact had increased to 91 percent in recent years, with some customers even avoiding particular companies that they felt were untrustworthy.

Another study, contracted by IBM and done by Ponemon Institute in 2013, determined that post business-disruption costs (e.g. a data breach) associated with reputation damage could result in a loss of $20,000 to $5,270,000 over a 24-month period following the disruption.

These figures include costs associated with losing existing customers, allaying the fears of new customers, and winning over lost customers. It should be very clear why your business reputation is very important, and why maintaining secure systems is pivotal for any business that seeks to be professional and efficient. The possible financial impact on your business coupled with a substantial impact to your revenue from decreased customer sentiments could dramatically affect the bottom line of your company.

LEGAL ACTION CAN FOLLOW A DATA BREACH

THERE ARE NUMEROUS LEGISLATIVE REQUIREMENTS AND PENALTIES FOR LOSING SENSITIVE INFORMATION

Customers who entrust a firm with their personal information often take legal action against the company when their data is stolen, since such a breach can result in identity theft. The costs associated with class action lawsuits are another direct cost that a company has to take into consideration when realizing the full scope of how a data breach can affect the company. The law firm Bryan Cave found that, in 2016, five percent of data breaches ended up leading to class action litigation. This percentage has been a constant figure over the past few years, as studied in the report. This portion of customers who take legal action must be considered when gauging the potential costs of a data breach. Further costs can also come from the ramifications of breaching consumer protection laws.

Such regulations can result in heavy fines for firms unless they can prove complete compliance with legislation and due diligence in the utilization of security controls to ensure total information security. Legally, there are several acts and regulations in place to ensure that companies exercise due diligence in maintaining secure systems. The Sarbanes-Oxley Act, the Gramm-Leach-Bliley Act, the New Basel Capital Accord, etc. are some of the governing pieces of legislation that seek to protect customer data by creating stipulations that companies must follow.

In the event of a data breach, the failure of a company to ensure complete data security often results in that company being required to pay fines, and it may be ordered to cease operations until security holes are fixed. For example, the Federal Sentencing Guidelines stipulate that company executives may be fined up to $290 million in the event that a data breach occurs when they cannot prove due diligence to ensure data security.

ALL IMPLICATIONS OF A DATA BREACH LEAD TO BOTH DIRECT AND INDIRECT FINANCIAL LOSS

WE CAN PROTECT YOU FROM POTENTIAL FINANCIAL LOSS

A study done by the Ponemon Institute in 2014 found that the average cost to a company resulting from a breach was $3.5 million - a cost which has been found to have increased by 15 percent from the previous year, and today continues to escalate.

With potentially substantial direct and indirect costs being incurred due to a data breach, firms should realize that the costs associated with maintaining data security are far lower than the possible repercussions of inadequate security.

About

Cypress Data Defense was founded in 2013 and is headquartered in Denver, Colorado with offices across the United States. Our goal is to help organizations secure their IT development and operations using a pragmatic, risk-based approach. The diverse background of our founders allows us to apply security controls to governance, networks, and applications across the enterprise.


© Cypress Data Defense, LLC | 2022 - All Rights Reserved