The True Cost of a Data Breach

In the time it takes you to read this sentence, hackers will make about 70,000 cyber-attacks. That’s half a million a minute, every day, all day, according to Fortinet Global Security. How often are they successful? According to digital security company Gemalto, 35 data records are compromised every second.
 
One of the underlying reasons for the sheer number of attacks is the rapidly increasing number of endpoint devices that provide targets for the hackers, as the graph here shows. These include laptops, tablets, phablets, smartphones and other devices connected to the internet, many of which are crucial business tools.
 


 
$221 – or more – for every record breached
 
When hackers succeed, what’s the cost of a breach? The Ponemon Institute sets the average cost for a U.S. company at $221 for every record of sensitive or confidential information compromised. That includes the cost to remediate the security vulnerability, notify those affected, settle lawsuits, pay fines, and, most consequentially, realize the loss of business due to customer mistrust.  
 
Perhaps the most familiar example is retail giant Target. The 2013 breach of customer names and data has cost the company an estimated $252 million, according to data collected by the Consumer Bankers Association and the Credit Union National Association. 
 
Healthcare and financial organizations face higher costs of regulated industries
 
While the cost of a breach can be significant in any industry, healthcare and finance face particularly high expenses. In these regulated industries, security incidents must be reported and can result in penalties.
 
The Ponemon study sets the average per-record cost of a breach in healthcare at $355, the highest of any industry. Examples show a wide range of costly security lapses. A New York hospital deactivated a network server, making over 6,500 sensitive records accessible online, and resulting in a $4.8 million fine under the Health Insurance Portability and Accountability Act (HIPAA). A Texas health services company paid a $1.7 million fine when an unencrypted laptop containing patient data was stolen.
 
Financial organizations can also face higher costs for breaches of sensitive data, driven by federal or state regulatory fines. An employee of an investment firm moved customer account information to a home computer. A cyber-attack on the employee’s personal server resulted in some of the information being posted on the internet for sale. A fine from the Securities and Exchange Commission (SEC) added $1 million to the cost of remediation.
 
 
#1 corporate risk to business
 
According to a survey by The Economist, CEOs named cybersecurity the #1 corporate risk to business. 
 
Perhaps this is why: a report on the 2016 Verizon breach found that in 93% of all data breaches, attackers needed minutes or less to compromise a system. Yet some 86% of those organizations didn’t discover a breach had occurred for weeks. Worse still, the breach was typically discovered by customers or law enforcement, not the organization.

 

Hackers are working 24/7.  Your cybersecurity has to do the same.
 
Statistics clearly show the times demand greater focus on security. MCPc has been applying deep logistics expertise to computers since they became personal in the 1980s. We’ve always been a pacesetter in the critical technologies that impact our customers’ businesses.
 
It’s no different in the area of cyber insecurity. MCPc founder, Mike Trebilcock, and his leadership team, spotting the trends, began a highly concentrated, company-wide attack on the problem more than 24 months ago. Millions of dollars were invested in bringing aboard highly trained security experts and enhanced facilities. For example, Bob Eckman, a specialist from the nuclear industry, one of the highest security fields in the world, is now MCPc’s Chief Information Security Officer. 
  
The investment in in-depth defense at our SkyPark Technology Logistics Center is another example. Throughout the facility, multi-factor authentication, enhanced reporting controls and other features can keep customer property and information well protected, from purchase through destruction. For organizations facing industry regulatory compliance, such as HIPAA, SkyPark has four isolated operational Zones. And, most recently, MCPc has launched a Security Suite that includes device monitoring, threat monitoring, endpoint hardening and other services for end-to-end protection.
 
Literally millions of cyber-attacks have occurred while you’ve read this article.  Up to 40,000 records may have been breached.  If you’re wondering if your organization might be the target right now, assume the answer is “yes.”  Today, organizations are taking security to the next level.  Are you?
 

 

