Cybersecurity Insight

Costs of Data Breaches Reach All Time High

9 Oct

No one is certain whether or not cyber crime has reached its peak. The frequency of cyber attacks and overall cyber crime has continued to increase from year to year and continues to affect more and more major organizations every day. Of course, when a company or organization is affected by a breach, it’s often the consumer or customer that is the real victim, often because it’s their information that is compromised. However, there is another overlooked aspect of the cyber attack that many don’t see, that is the actual financial burden of the attack on the company.

When a breach occurs, a company often faces fines or tremendous losses in revenue. If a company’s website goes down even for a few minutes, or their POS system fails even for an hour, that can mean millions of dollars in lost revenue and sales. So, how do they get that money back? They often raise prices, or trickle down the effects to the consumer; and with the costs of data breaches at an all time record high, this puts a heavy burden on the economic system as a whole.

In a recent study of 62 companies by the Ponemon Insitute, who conducts business related studies around the field of IT, some staggering numbers were reported about the cost of data breaches.

Some of the major takeaways from the study were the rising costs of data breaches, as well as the increased costs in trying to prevent such an attack.

In 2015, data breaches cost companies an average of $217 per compromised record, up from $201 in 2014 and $188 in 2013. The $217 is not far off from the previous average high though, as in 2011 the average cost per compromised record was $214. Over the last decade this number has acted much like a stock price, a steady rise, a plateau, a slight dip, and now an all time high.

These numbers suggest that companies were unprepared for cyber attacks when they began to grow in number from around 2006 – 2011. When cyber attacks reached a then all-time high, precautions were taken and more time and effort was spent fending off these attacks. Now, it seems cyber criminals have found new ways to perpetrate their acts, leading companies to seek out more effective detection methods.

Another frightening statistic is the average cost for each organization affected by a cyber attack. In 2015 the average sat around $6.5M. This was up from $5.9M in 2014 and about $5.4M in 2013.

Breaches not only impact revenue – cyber attacks significantly affect customer loyalty and can cause irreparable damage to a company’s reputation. Of the organizations examined, it was found that $6.72M was either lost from customer turnover or by spending to acquire new customers, or on public relations efforts following a cyber attack.

It’s no secret that customers often feel violated when a company they normally trust has been the subject of an attack. While the company may not have had anything to do with it in the sense that they took every precaution to protect their customers, the feeling of distrust still breeds from an incident.

The Ponemon study covers a lot of ground when it comes to cyber attacks and their fiscal consequences, and one obvious fact still rings true: cyber attacks are seriously harmful.

According to the U.S. Chamber of Commerce, one in five small businesses falls victim to hackers every year, and of those, about 60 percent go out of business within six months of the attack.

Companies not only lose customers, they lose revenues, and scramble to build back a trustworthy reputation which can takes months or years – which also bring unexpected costs and expenses. Surely no company wants to be the subject of a cyber attack, but it is obvious that some companies don’t take the possibility of an attack as seriously as others. This ultimately affects both the customer and the business.

In the end, a little preparation can go a long way in protecting from a cyber attack. Companies can stay ahead of security threats with continuous monitoring, enhanced intelligence, proactive prevention, early threat recognition, rapid response, and investigation of root causes. Ultimately  better knowledge means better protection when combined with comprehensive tools to defend your networks, data, devices, web traffic, applications, and more.