How A Data Hack Impacts Your Business
Shockingly, we already read about it in the news on a daily basis: Again, a data breach happened. And it is not just the eventual multinational corporation but mainly small businesses which are being hacked. And for those, the direct and indirect effects of such events are devastating. Nevertheless, in the aftermath of these cases it comes out that the majority of companies were actually aware that a breach could happen but most of them deemed themselves well prepared. Or, according to the ostrich effect, they clearly thought that it would not happen to them.
Let’s take a quick look at what is the chain of negative events possibly happening to a company after a hack:
Firstly the brand is damaged to the extent that clients lose trust in you, with a worst case scenario resulting in your customers unsubscribing from your services and sourcing the product from elsewhere leading to a revenue loss. On top of that come significant costs to repair the damage internally and externally, especially when a local data protection regulation with fines is in place. Clients might even decide to file a lawsuit damaging your reputation in the long-run.
Sadly, it is often the IT department or an uncautious employee being scapegoated, whereas it is really the management who is responsible for avoiding a hack in the first place by proper measures and a data protection mindset with cybersecurity at the core of data management. Businesses have to realise that data protection is a top concern with utmost importance!
Living in a data economy and with news travelling at incredible speed, it might happen that we never hear about a company until a hack, and at that point, the reputation has already been destroyed. These news are spreading like wildfire and your clients will most likely hear about it within days, if not hours. A recent impact study by Ponemon in the UK found that after a hack, 65% of consumers stated to have lost trust and 27% even turned their backs on a company. A report by the Bank of America Merchant Services also shows that 30% of consumers of small businesses would never again use their services or products after a breach. And as we know, bad news travel faster than good ones, so 85% of consumers are likely to tell their friends about their negative experience (33% via social media, 20% on the company website).
And it doesn’t stop there: A whopping 60% of small businesses will close within six months after a data breach, mainly due to the incurred costs. On average, it takes 46 days to resolve a cyber attack with an approximate cost of $21,155 per day. IBM calculated an average cost per lost or stolen record of $141, rising to a crushing $380 in the healthcare sector. And while companies, which discovered a breach in less than 100 days from inception, lost on average $2.8 million, the loss rose to $3.83 million after 100 days. Besides that, a Cisco Cyber Report stated that 22% of businesses which suffered from an attack lost customers, 40% of those more than 20% of their customer base. 29% of businesses lost revenue and another 23% lost business opportunities.
So let’s be honest: Isn’t it better to prevent a hack in the first place? Only, the government doesn’t help with that and neither do your clients, so you will have to get active yourself. The top activities showing the biggest positive impact when it comes to reducing the cost of a breach or even inhibiting it, are a clear incident response, a solid encryption technology in place, as well as strong educational measures to control the weakest link in the chain: humans. In the end, a solid information security plan can even positively improve the efficiency of your marketing and sales, and herewith of course enhance customer trust.
You don’t have the resources and capacities for tedious, month-long data mapping and governance projects with countless recommendations for palliative cybersecurity tools not attacking the problem at its roots? Check out a toolkit which provides the full package for an affordable price and easy implementation for anybody, even without IT knowledge: Vaultree! Because one thing is clear: The data protection headache won’t go away on its own!