According to the latest global data breach report, costs are on the decline. While that’s great news, upcoming events and new customer expectations are set to raise the cost of the average data breach next year. Learn what to expect and what to avoid.
Global Average Cost of a Data Breach
According to IBM, the global average cost of a data breach dropped over the past year. The global average, however, is still a staggering 36.5 million dollars. This is thanks to the lower estimates of cost per file stolen. However, according to IBM’s global data breach report, businesses are suffering larger breaches than they did before. This demonstrates an alarming new trend in data breaches that may become the standard.
It’s important to note that these estimates do not reflect the EU’s new data security law, which goes into effect next year. This law should improve overall security standards, but it will also make losses much higher. The regulating authorities have already started enforcing harsher punishments and collecting maximum fees for noncompliance.
Since the threshold for these punitive measures will rise next year, it’s safe to assume that the average cost of a data breach will, too. It’s more important than ever to make sure a data breach report won’t reveal any security failings on the part of the victimized business.
Potential for Additional Costs
The cost of a data breach isn’t limited to official fees and security updates. Although these represent the largest immediate drains on a business’s resources, the damage doesn’t end after the data breach report is filed. One of the heaviest burdens on a victimized business’s long-term finances is the degradation of customer loyalty. Customer reparations count as immediate costs, but it’s hard to properly estimate the lingering impact of a data breach on future profits.
Customers value their privacy, and even long-term customers may be more willing to invest time in finding new business partners after a breach. Their information may be perfectly secure, but they see a breach as a warning of future breaches.
To be fair, the data breach report from Yahoo’s latest incident validates this concept. Even as Yahoo publicly revealed one record-breaking breach, an even larger breach was in the works. Customers expect these kinds of repeat incidents. The best proof of adequate security is a business that is never breached.
A single breach, however, destroys that ideal proof. Although users may still choose Yahoo for casual use, they are extremely unlikely to ever trust the system with sensitive information. Old Yahoo email accounts have essentially become junk mail accounts for many users. Yahoo will probably never recover, even if it does survive.
Just because costs dropped slightly, businesses still face losses that tally in the millions. To stay safe, businesses must take proactive cyber security measures now. Make sure there is no reason for additional fees after your data breach report goes public, and give your customers every possible reason to keep faith in your business.