Ponemon Institute recently published its 13th annual report on data breaches across the globe: 2018 Cost of a Data Breach Study: Global Overview. It’s worth a read. It explores not just the cost in dollars but also which elements can increase and decrease costs associated with a data breach.
Interestingly, the report examines the average organisational cost of a data breach in each participating country. The total average cost for Australian companies was $1.99 million. While this was low comparative to other countries, it is nevertheless eye-wateringly high.
When you consider both the direct and indirect costs involved in a data breach, it is easy to see how the costs can add up. Direct costs involve engaging forensic experts, hiring a law firm, or offering victims identity protection services. Indirect costs involve the allocation of resources, such as employees’ time and effort to notify victims and investigate the breach. Indirect costs also include the loss of goodwill and customer churn.
The report highlights the following factors that can increase or decrease the cost of a data breach:
- Fast identification of a breach can save money. The report found that organisations that contained a breach in less than 30 days saved over $1 million as compared to those that took more than 30 days to resolve.
- Having an incident response team in place can reduce the cost by $14 per compromised record.
- The use of extensive encryption reduces costs significantly; by as much as $13 per compromised record.
- Third-party service providers can be the weakest link when it comes to data security. Costs to your organisation increase significantly when caused by a third party.
These findings were consistent for organisations that participated across the globe.
Given that data breaches can involve thousands, if not hundreds of thousands, of records; costs in resolving a data breach are typically significant and the loss of customer trust also has serious financial consequences. There is much to be gained by implementing proactive systems and measures to mitigate the risk of a data breach.
This should involve regular system audits and assessments to identify breaches sooner, which can decrease the ultimate cost to the business in resolving the breach. Findings from the report also emphasise the need to ensure due diligence and ongoing audits are conducted on all third-party service providers that handle company data. Finally, partnering with a reputable document destruction company ensures your data is destroyed securely.
Confidential Shredding Co is here to help your business minimise the risk of a data breach by disposing of confidential documents and computer equipment safely and securely.
Call us on 1300 788 719 for a free no obligation quote or click here to order online.
Read more about;