No matter the size of your business, trust between your company, your employees and your clients is paramount to a successful organization. That trust extends beyond the trust that your employees will get their checks on time. It goes further than your clients and customers trusting that your products and services will be delivered on time. It even goes beyond the trust that they will receive an amazing experience with your product or your service. They trust that their most confidential information is safe in your hands. They give you access to everything from their social security numbers to their credit card information and even their medical and legal records. When that data, their most personal information, is compromised, it’s not just losing some passwords and credit card information or some medical diagnosis, it’s losing the trust your clients and employees have placed in you. Not only are we going to explore the true cost of a breach, but we are also going to give you a few tips and solutions to ensure you maintain the most valuable contract you have with your people, the contract of trust.
Unless you have a dedicated partner in cyber-security, such as Delval Technology Solutions, or an in-house cyber-threat specialist, chances are you are waiting for something to break before you fix it. You are going about your day-to-day operations and then you get a call from accounting telling you they have noticed some abnormalities. Your employees are alerting you to strange emails or your third-party authentication is sending you notifications that someone is trying to log on from unknown devices. These are just a few, albeit smaller examples of red flags you may see to let you know of a possible breach.
IMMEDIATE COST
From there you have to hire professionals to determine the scope of the breach Hiring a Cyber-Forensics-Investigator to determine the true nature of the attack can cost you between $10,000 to $100,000 alone! It’s not just hiring an investigator to deal with the breach that will cost you money, the loss of productivity is a huge hit also. The average time to determine the nature of a breach, and this is for billion-dollar industries that are flush with resources is 197 days. On top of that, the average amount of time to address and seal the breach is 69 days. That’s 266 days from beginning to end. In dollars and cents, 266 days can cripple or bankrupt your business depending on the nature and severity of the breach. You are familiar with the phrase “What they don’t know can’t hurt them.” In the case of a data breach, it can hurt you. There are strict laws regarding disclosing a breach to your customers and to the authorities. Just like any other laws, there are fines and penalties that are associated with failing to disclose a breach in time that can cost your business tens of thousands of dollars. On top of that the notification process is a timely and costly one. On average the cost of notifying your customers of a breach is over $700,000. Now you may see this number and say “Well that’s an average and I’m sure it’s offset by massive companies spending millions. What about my small to midsize business?” While you are correct that these huge corporate entities do skew these numbers, it can still cost you tens of thousands of dollars to notify your customer properly of a breach.*
LONG TERM COST
The long-term damage of a breach, and more importantly a slow and incorrect response to one, isn’t just finding and fixing the issue at hand. It’s dealing with the damaged reputation in the marketplace. Oftentimes, while not immediate, the long term consequences can cost you dearly. According to a report by Comparitech*, which compared 40 companies stock prices before and after reporting a breach, the effects are lasting. They found the companies value decreased by 3.5% per share and underperformed Nasdaq by 3.5% in the first 110 days, 8.6% and 8.6% after the first year, 11.3% and 11.9% in the second year and 15.6% and 15.6% in the third year.
THE HUMAN COST
The biggest loss that you could experience due to a data breach isn’t a financial risk, it’s a human risk. You could lose your trust with you customers, your investors and your team. Not all of the trust they have with you is whether they get paid fairly and on time or whether your product or services work. This is their trust that their confidential information they entrusted you with will be safe and confidential. That is the kind of trust that is the most difficult to rebuild. Identity theft can destroy lives, and the thought that the bad guys could get their hands on their social security card numbers, credit card numbers, home and personal email address and passwords is scary. The fact that in their minds it happened because they trusted you with their information is scary enough to send them straight to your competition or in the case of your employees back to the job market.
PROPER TRAINING
While improper security protocols can cause breaches that can crush your business, proper protection and protocol can save, time, money and more importantly, your reputation. Your employees are the first line of defense. Train them and educate them as to what to look for in case of a breach and have a plan of action in case they come across one. Companies, such as Delval Technology Solutions, offer monthly employee training on cyber-security measures to ensure that your team knows what to look for and what to do.
A PROPER ASSESSMENT
Having a trained eye assess your system is a key component to proper security protocols. It’s just like when you were buying that diamond for your spouses engagement ring, you went to an expert who knew what to look for to make sure you were getting your moneys worth. This time you are making sure you have an expert to take an in-depth look at your system and testing it so you know where you are vulnerable and how to strengthen your weaknesses.
PROPER TOOLS
The technology you use, from hardware to software, can make a big difference in your security as well. You want to ensure that all of your programs are updated, as these updates don’t only fix glitches, but they also patch holes in the software that can lead criminals directly to your data. Multi-factor Authentication sends a call, text or email to the person trying to log into your system to ensure that the right person is accessing it and is an amazing tech tool to help protect you against vulnerability. Employing automated security systems allows you the benefit of a system that utilizes machine learning. This not only cuts down on human error, but it also frees up your IT partners and professionals to focus on the bigger issues at hand.
A PROPER PARTNER
I know these last one’s seem a little tech heavy and chances are, you aren’t a technology expert. Your expertise lies in running your business, not securing your network. Therefore the best thing you can do to keep your data safe is aligning yourself with a strong Managed Securities Solutions Provider (MSSP) like Delval Technology Solutions. With a strong MSSP partner, you have a team of experts monitoring your system in real time, using state of the art threat assessment technology. If you have IT personnel, anMSSP can enhance your IT guy into an IT team, giving you an edge in protecting your network, staff and customer’s data. Navigating the waters of technology can be treacherous, and a breach in the hull and holes in the boat can sink your ship. However, following proper practices and having a trusted team, their technology and expertise on board can help you fill the holes, protect against breaches and help you captain the ship that is your business to the promised land.
https://www.varonis.com/blog/data-breach-response-times/