Target’s 2013 data breach reportedly cost the company $252 million; Sony pictures will spend an estimated $35 million in investigation, remediation, and IT repairs for its hack; Home Depot spent $43 million in just one quarter; and it’s estimated that the total cost of Anthem’s 2015 data breach will reach more than $31 billion.
Getting hacked is expensive. A May 2015 Ponemon study found that it costs a targeted company on average $217 for each lost or stolen record. This is up 8% from 2014, and data breaches can involve tens of millions of stolen records. The steep financial burden isn’t the only one your company faces when organizations get hacked. There are numerous long-term effects to consider. The true cost of a data breach includes:
A system destroyed must be rebuilt. Included in Sony’s stolen data were hundreds of files containing employees’ login details and other personal access information. Every staff member had to change every login and every server had to be re-keyed. According to one analyst, the cost of rebuilding Sony’s computer systems could total $83 million and that’s just IT costs.
Loss in Business Opportunities:
Our best sales whiz is sending one of the top executives (Jack) to seal a new client deal. The meeting was a big success and the client is ready to sign. On the way back, Jack sends confidential information about the deal over an unsecure Wi-Fi network at the airport, unknowingly comprising his device and the financial information of each of her clients including the one Jack just met with. Before Jack is back in his office, the deal is off. So are dozens of other deals by existing and potential clients who are angry that the company didn’t protect them. Four in ten small business owners and at least two of every ten C-suite executives think lost or stolen data won’t seriously impact their business.
Loss in Consumer Confidence:
When you sell direct to consumers, it’s not just partners whose trust you risk losing, you also risk consumer confidence. The breach of Target had a direct result on consumer confidence, which could be seen in Target’s sales numbers after the breach. According to the Washington Post, the company’s profit plummeted by almost 50% in the months after the breach, falling by more than a third by the end of 2013. Target didn’t begin to rally until the end of 2014. How would our business fare if sales were cut in half for a year?
Why Not Prevent It From Ever Happening?
It’s hard to quantify the trust cost of a data breach due to the number of factors. Will employees begin to have doubts in the company? Will recruits choose other options? Will a client second guess the decision to work with us? You’ll never know for sure.
Due to the high price tag on a data breach, creating a habit of security doesn’t just seem like common sense, it seems like good business.