11 Feb The Average Cost of a Data Breach
Today, few phrases strike fear into the hearts of companies quite like this one: data breach. Not only does a single incident harm an organization’s reputation – potentially costing them customers for years to come – but the sticker price is so massive some business can’t withstand the financial ramifications.
In fact, one study showed that 60% of small businesses shut their doors within six months of falling victim to a cyber attack because the financial impact is unmanageable. That’s a pretty stunning figure.
The average cost of a data breach continues to grow, showcasing the severity of the threat to a company’s solvency. Failing to manage risk and protect systems properly is essentially becoming more expensive by the day, and every organization is a potential target.
How Much Does the Average Data Breach Cost?
According to a 2018 study from IBM, “the global average cost of a data breach is up to 6.54% over the previous year to $3.86 million.”
To put it another way, the study found that “the average cost for each lost or stolen record containing sensitive and confidential information also increased by 4.8% year over year to $148.”
Considering how large a data breach can be, even some big-name companies can struggle after a single incident. Learning that customer information has been compromised often leads to some form of financial ramification.
For example, on March 25, 2018, an announcement from Under Armour stated that 150 million MyFitnessPal accounts were impacted by a breach that occurred during February of that year. Usernames, email addresses, and hashed passwords were all compromised. Once news spread, the company’s stock fell 4% during after-hours trading, and that wouldn’t be the only cost Under Armour had to endure.
Many companies simply can’t afford to pay for the damage caused by just one data breach. This means, by failing to put suitable security measures in place, some organizations are practically setting themselves up for complete financial devastation; a price tag so high that it would bankrupt the business.
Who Needs to Prepare for a Cyber Attack?
“There are two types of companies: those that have been hacked, and those who don’t know they have been hacked.” – John Chambers, Cisco CEO
To put it simply, everyone needs to have systems in place to defend against a cyber attack. Most hackers act like predators, seeking out weak targets, no matter who they are, instead of focusing on specific companies. As a result, when they spot a vulnerability, they work to exploit it regardless of who the organization is or how much data they have stored.
Small and mid-sized companies are commonly targeted by attackers. Why? Because they often don’t have the same security measures in place as large enterprises. Maintaining a high level of security internally can be costly, particularly since keeping skilled IT security professionals on staff is usually expensive. However, that doesn’t mean it is impossible to be prepared.
How Do You Enhance Security to Prevent Data Breaches?
If you want to protect your data, then a multilayered approach to security is a must, and it typically needs to go further than you may realize.
For instance, multifactor authentication is a great addition, but you have to use the right kind. On August 1, 2018, Reddit.com reported a breach that affected employee accounts. While the company employed two-factor authentication (2FA), the SMS-based authentication relied on one-time passwords (OTPs) that were delivered to mobile phones, and the OTPs were either intercepted or phished, allowing hackers to gain access.
Token-based protection using physical security keys is considered a more secure, and possibly the safest, 2FA option available. By forgoing SMS and using tokens, you can enhance security.
Additionally, addressing potential insider threats is a must. One study by the Ponemon Institute showed “only 44% of IT and IT security practitioners say their organization views the prevention of insider fraud as a top security priority.” This sense of complacency increases risk, particularly as, according to the report, “the number of employee-related incidents of fraud continues to remain high.”
At TetherView, we understand the damage a single data breach can cause. That is why we offer solutions designed to make security a priority at every level. Not only do we employ the latest anti-virus and anti-malware software available, but we also create custom, monitored, and dedicated firewalls for additional protection. Every piece of data is encrypted, both when at rest and when in transit. Plus, by restricting access to certain information through VDI’s for employees, we can greatly reduce the risk associated with employee-related fraud.
If you are looking for a partner to ensure your systems are protected against cyber attacks, contact TetherView to learn more about our comprehensive solutions and see how we can provide businesses of all sizes the protection they need at prices they can afford.
Jackie Chalet, Marketing Director at TetherView