Within the past few years, there have been many large scale American data breaches that have put the personal information of many at risk. Retailers such as Target and Home Depot, technology company Sony, and digital giant Yahoo! have all been victims in the recent past.
The numbers are shocking. In the U.S. alone, it is estimated that over 900 million records of personal identifiable information had been stolen within the past couple years, which begs the question, how much does a data breach cost a company once it has been hacked?
According to the researchers at the Ponemon Institute and IBM, the average cost of a breach is a whopping $7 million dollars. Their report, the 2016 Data Breach Study, reports that this past year has unfortunately seen the highest average cost per record, causing the business $221 for every personal record stolen.
This number encompasses two details: the indirect and direct costs of dealing with a cyber breach. Indirect costs are defined as the amount spent on existing internal resources that will help resolve the breach, while direct costs entail the amount the business must pay to assist those who have been accessed.
All in all, the report showed that companies were more likely to spend more on their indirect costs. On average, an enterprise would spend $145 and $76 per record compromised.
In order to prevent these data breaches, financial experts recommend that for security purposes, businesses should not store everything electronically. For example, when it comes to tax records and receipts, they should be kept for seven years then shredded, because the confidential information on the forms can be hacked into, putting the user at risk for identity theft.
However, it seems that businesses are becoming more complacent in protecting themselves against potential cyber attacks. CIO reports that while the majority of organizations have plans in place to prepare for data breaches, only 26% don’t practice their plan. Of that amount, 64% admitted to not practicing their plan because they do not see it as a priority.
Michael Bruemmer, vice president at Experian Data Breach Resolution, explains to CIO that there are many implications of not protecting your business from cyber hacks. He explains, “Investing in breach preparedness is like planning for a natural disaster. You hope it will never happen, but just in case, you invest time and resources in a plan so your company can survive the storm.”