The past year has seen many hard-hitting data breach headlines, which have laid waste to the reputations of numerous businesses globally. The EU’s General Data Protection Regulation (GDPR) forced many organizations to improve their cyber security practices earlier this year, followed by the impending 2020 California Consumer Privacy Act (CCPA). But, these have not been enough to prevent data breaches from occurring.
TalkTalk, Vision Direct, NewEgg, Ticketmaster, Dixons Carphone and Butlin’s are just a few businesses that have been affected this year. These breaches don’t only present a danger to the customers who have had their personal data and PII stolen, but also to the businesses that risk having their hard-earned reputations destroyed virtually overnight.
A common cause of a data breaches the reluctantancy to spend the money and resources required to ensure that website security systems and procedures are in place. Businesses must look beyond traditional cyber security measures to enable protection against third-party technologies which could compromise the security of the website supply chain. This is undoubtedly a false economy when compared with the true cost of a data breach.
Research has found that website security spending is on the rise, but this has not put a dent in the number of breaches. Ponemon’s 2018 study ‘Data Risk in the Third-Party Ecosystem’, suggests that one of the biggest risk factors is businesses failing to understand how third-party providers and technologies use and secure their data. In fact, 59 percent of organizations said they rely on third-parties to notify them when their data has been shared.
The immediate negative impact of a data breach is clear; the company’s name is invariably dragged through the press and the damage this has on a company’s reputation and the trust customers have in the organization can be huge.
Research has shown that up to a up to a third of the customers, healthcare and finance businesses will discontinue their relationships with organizations that have been breached. But, that’s not all; companies that experience a breach will often see an increase in the cost of acquiring new customers.
Long after the initial consequences of a breach have been felt, there are a number of pernicious, longer-term effects that can cause significant damage to a business. These indirect costs impact on the business’s ability to rebuild months and even years after the cyber attack.
· Damage control
One of the greatest longer-term impacts of a data breach comes in the form of damage control. Many customers and victims of a data breach will rightfully seek compensation for the losses they incur from the company. That often takes the form of legal action, even when the financial losses cannot be quantified.
In the recent TalkTalk data breach, the company allowed customers who were affected to leave their existing contracts. In this case, as well as affecting the firm’s ability to attract new customers, it also lost much of its existing business.
But, the true extent of damage control doesn’t stop there. Following a data breach, the cost of repairing and remediating a company database or website can be substantial. A big part of the remediation involves changing the business’s processes and employee behaviour, both of which takes a significant amount time.
· The loss of intellectual property
Losing customer data to hackers is extremely costly, but it is something a business can recover from eventually. The loss of intellectual property, on the other hand, could threaten the business’s survival. Intellectual property is at the heart of the 21st-century company. In fact, it can constitute up to 80 percent of a company’s value.
With more information about the impact the loss of intellectual property could have on a business, executives are now beginning to better align their cyber security programmes with their IP management, but many organizations still leave these critical assets dangerously exposed.
· A falling share price
Another longer-term impact of a data breach is the loss of internal and external confidence in the business, which inevitably leads to a fall in the share price. Research has shown that there’s an average 5 percent drop in a firm’s share price on the day a breach is announced.
The damage done to a brand’s value is not something businesses can quickly bounce back from. In fact, companies that do not respond quickly to an incident can expect a share price decline that lasts an average of more than 90 days.
While third-party technologies like ads, analytics, trackers and social-media buttons provide great functionality, interaction and even revenue-generating opportunities to your website, they also can come with cyber security risks if you do not have the correct website security measures in place. Ensighten MarSec™ enables website protection to keep your website supply chain secure. Get in touch to find out more or schedule a demo today.