Data Security in the Digital Age: Risks vs Rewards

How does your company define risk?

In 2014 alone, breaches at just five companies affected 229 million people.

In 2014, the fifth annual “Cost of Cyber Crime Study” found that, over the year, the average cost of U.S. corporate cyber crime climbed by more than 9 percent, to $12,700,000. In 2015, that number increased 19% to $15.5 million.

by NEC Corporation of America on flickr cc

Data Breaches on the Rise for Businesses

The increasing prevalence of widespread data breaches has many business owners re-thinking their data security and trying to figure out ways to make data breach response plans a priority, whereas they hadn’t in the past.

According to the 2015 Second Annual Data Breach Industry Forecast, published by Experian:

“The risk of experiencing a data breach is higher than ever with almost half of organizations suffering at least one security incident in the last 12 months. To address this, 48 percent of organizations increased investments in security technologies in the same timeframe, and 73 percent acknowledged the likelihood of a breach by developing a data breach response plan.”

The increased risk of data breaches affect businesses, both big and small, and the effects can be devastating – not only for the business involved, but for those whom the business serves.

11 Cyber Crime Facts & Figures Worth Noting

According to the Ponemon Institute’s 2015 Cost of Cyber Crime Study:

  1. Cyber crimes are still on the rise.
  2. by Nick Papakyriazis on flickr ccCyber crime cost varies by organizational size.
  3. All industries fall victim to cybercrime, but to different degrees.
  4. Most cyber crimes are caused by malicious insiders, denial of services, and web-based attacks.
  5. Cyber attacks can be costly if not resolved quickly. (avg. resolution period is 46 days at a rate of $21,155/day)
  6. Business disruption represents the highest external cost, followed by the costs associated with information loss.
  7. Detection is the most costly internal activity, followed by recovery. (accounts for 53 percent of total internal activity costs)
  8. Activities related to IT security receive the highest budget allocation.
  9. Deployment of security intelligence systems makes a difference. (Security intelligence systems are efficient in detecting and containing cyber attacks, saving companies $1.9 million)
  10. Companies deploying security intelligence systems experienced a substantially higher ROI (23%) than others.
  11. Deployment of enterprise security governance practices moderates the cost of cyber crime.

Safeguarding Your Business’ Personal Information

By safeguarding your business’ personal information, you protect your brand, affiliates, and customers. Failing to put some form of data breach prevention in place runs you the risk of losing customers, brand trust, reputation, and revenue. Take the following example of Sony:

Case Study: Sony

Sony is know for producing high quality electronic products. In April 2011, Sony experienced a massive breach of its PlayStation Network, followed by successive breaches to its online entertainment division.

The result? More than 100 million customer records were lost, and several Sony business operations were forced to shut down in a matter of weeks. Adding to the fallout, Sony’s image was sullied, and the company received tons of negative press.

While Sony apologized and accepted responsibility for the data breach, the public’s general perception of Sony was that data security was more of an afterthought; it was something that Sony hadn’t taken seriously.

Failure to ensure that their customers’ information was safe led both a loss of reputation as well as a loss of trust. 

[source]

Shifting Accountability to Reap Rewards

We live in a data-driven society where information is exchanged online in a matter of seconds. This is beneficial for businesses, but as we have seen, you often assume risk with reward.

By shifting accountability and increasing scrutiny, business leaders can work together to prevent data breaches from occurring – or, at a minimum, they can offer faster, more effective solutions/responses if a breach occurs.