Question

In: Computer Science

What are some to the hidden cost an organization need to deal with after a data...

What are some to the hidden cost an organization need to deal with after a data breach? Use your own word

Solutions

Expert Solution

Detection, escalation, notification and post data breach response

The four main activities that follow a data breach are detection, escalation, notification and post data breach response – and they all mean additional costs to an organization.

Detection and escalation: Activities that enable a company to detect and report a breach to appropriate personnel within a specified time period.

  • Forensic and investigative activities
  • Assessment and audit services
  • Crisis team management
  • Communications to executive management and board of directors

Notification costs: Activities that enable the company to notify individuals who had data compromised in the breach (data subjects) as regulatory activities and communications.

  • Emails, letters, outbound telephone calls, or general notice to data subjects that their personal information was lost or stolen
  • Communication with regulators; determination of all regulatory requirements, engagement of outside experts

Post data breach response: Processes set up to help individuals or customers affected by the breach to communicate with the company, as well as costs associated with redress activities and reparation with data subjects and regulators.

  • Help desk activities / Inbound communications
  • Credit report monitoring and identity protection services
  • Issuing new accounts or credit cards
  • Legal expenditures
  • Product discounts
  • Regulatory interventions (fines)

Lost business cost: Activities associated with the cost of lost business, including customer turnover, business disruption, and system downtime.

  • Cost of business disruption and revenue losses from system downtime
  • Cost of lost customers and acquiring new customers (customer turnover)
  • Reputation losses and diminished goodwill

This last point is important, as once an organization has lost the trust of their customers, it is very difficult to win it back, with 64 percent of consumers saying they are unlikely to do business with a company where their financial or sensitive data was stolen.

Increase in third-party website breaches

Aside from these figures, there are two other important points to take away from the findings:

  • The percentage of malicious or criminal attacks as the root cause of data breaches in the report crept up from 42 to 51 percent over the past six years of the study, a 21 percent increase
  • Breaches originating from a third party – such as a partner or supplier – cost companies $370,000 more than average

The increase in third-party vulnerabilities emphasizes the need for companies to closely vet the security of the companies they do business with, align security standards, and actively monitor third-party access.

Global beauty brand Sephora was forced to email online customers to inform them of that their personal information may have been exposed to unauthorized third parties, including first and last name, date of birth, gender, email address, and encrypted password, as well as data related to beauty preferences.

As this example demonstrates, your company website is one area where third parties can present an access point to your customers’ sensitive information – and yet it is often overlooked by the security team. However, it is important to mitigate any threat from third party vendors by creating an allowlist and a blocklist that allow you to only share data with trusted vendors.

With the loss or theft of more than 11.7 billion records in the past three years alone, the Ponemon report urges companies to be aware of the full financial impact that a data breach can have on their bottom line – and focus on how they can reduce these costs.

Speak to us about how we can help manage and secure all your third-party vendor technologies to prevent unauthorized data collection and prevent a potentially disastrous data breach within your organization.

Some more of the report’s headlines findings include:

  • Malicious breaches: More than 50 percent of data breaches resulted from malicious cyberattacks and cost companies $1 million more on average than those originating from accidental causes
  • Mega breaches: While less common, breaches of more than 1 million records cost companies a projected $42 million in losses; and those of 50 million records are projected to cost companies $388 million.
  • Practice makes perfect: Companies with an incident response team that also extensively tested their incident response plan experienced $1.23 million less in data breach costs on average than those that had neither measure in place.
  • U.S. breaches cost double: The average cost of a breach in the U.S. is $8.19 million, more than double the worldwide average.

Related Solutions

What are some of the staffing issues a manager might need to deal with? Why is...
What are some of the staffing issues a manager might need to deal with? Why is it important to understand staffing calculations to fill scheduled positions?
What are some of the potential problems that must be dealt with after an organization experiences...
What are some of the potential problems that must be dealt with after an organization experiences a major trauma such as massive layoffs?
1.  What is an abstract data type? In an ADT, what is known and what is hidden?
1.  What is an abstract data type? In an ADT, what is known and what is hidden?
What is "fitting" in/of Hidden Markov Model, how to fit HMM for data??
What is "fitting" in/of Hidden Markov Model, how to fit HMM for data??
Impact of jio on Digitalization of India. facebook and jio deal. ( i need some point...
Impact of jio on Digitalization of India. facebook and jio deal. ( i need some point for my ppt)
You need to read Article 2 ““Our farmers need a better deal”: Study shows true cost...
You need to read Article 2 ““Our farmers need a better deal”: Study shows true cost of trade barriers” to answer questions below. Part (a) Article 2 specifically mentions: “A NEW AgriFutures Australia-funded study shows that farm subsidies and import barriers abroad lowered Australia’s net farm incomes by 15 per cent and reduced its farm exports by 29 per cent.” Use the concept of supply and demand to explain the paragraph above, especially why farms subsidies abroad lowered Australia’s net...
Special districts have often been called the hidden government. What are special districts? What are some...
Special districts have often been called the hidden government. What are special districts? What are some of the services they provide? How are special districts created, governed, and funded? GOVERNMENT
1. What are the major legal and human resource issues that an organization has to deal...
1. What are the major legal and human resource issues that an organization has to deal with when developing and enforcing its workplace violence policy? 2. Assume that you have been invited to a meeting with the three Nordstrom co-presidents and asked to develop a workplace violence policy. Discuss how you would enforce it.
What is the term “hidden reserve”? Explain how the hidden reserves are created using a mathematical...
What is the term “hidden reserve”? Explain how the hidden reserves are created using a mathematical example.
what is hidden variable theories..what it solve or what it not ?
what is hidden variable theories..what it solve or what it not ?
ADVERTISEMENT
ADVERTISEMENT
ADVERTISEMENT