BreachExchange mailing list archives
The Cost Of Data Breaches Will Get Even Higher
From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Mon, 24 Oct 2016 16:38:56 -0600
http://www.huffingtonpost.co.uk/alastair-paterson/the-cost- of-data-breaches_b_12573436.html We all know cyberattacks are a fact of business life these days and it is no longer a question of if you get attacked, but instead when will you be compromised. When the ‘inevitable happened’, it used to be that a company was hit financially as a by-product of being hacked by cybercriminals due to factors like the impact on their reputation; customer loyalty and even share price. High profile hacks of businesses like Target in the US resulted in large-scale customer desertion (although short-term), a reduction in share price and even executives losing their jobs. Attacks are not going away - on the contrary they are getting more common. According to a UK government 2015 information security breaches survey, 90% of large organisations and 74% of SMEs reported a security breach, leading to an estimated total of £1.4bn in regulatory fines that have a current maximum of £500,000. But from 2018 the cost of a data breach or hack could go far higher with new EU legislation on data breach notification set to be implemented. These changes mean UK businesses could face up to £122bn in penalties for data breaches. In 2018, the European Union’s General Data Protection Regulation (GDPR) will introduce fines for groups of companies of to €20m or 4% of annual worldwide turnover, whichever is greater. Of course we don’t know what changes there might be based on Brexit, but even so it is likely the UK will adopt a similar fine doctrine. Clearly companies, both large and small, need to act now and start putting in place robust standards and procedures to counter the cyber security threat, or face the prospect of paying drastically increased costs in regulatory fines, as well as the reputational harm to their brand. To be ready for this and to counter the growing industrialization of hacking, businesses must gain an awareness of their digital footprint and the profile of their attackers. By doing this they can prioritize their security to where it has the most impact and therefore prevent, detect and help contain cyber-related incidents. Only by analyzing their company through an ‘attacker’s eye view’, can they be alert of potential threats, instances of sensitive data lose or compromised brand integrity and be able to stop them quickly with less impact on their brand, and then regulatory regime.
_______________________________________________ BreachExchange mailing list sponsored by Risk Based Security BreachExchange () lists riskbasedsecurity com If you wish to Edit your membership or Unsubscribe you can do so at the following link: https://lists.riskbasedsecurity.com/listinfo/breachexchange
Current thread:
- The Cost Of Data Breaches Will Get Even Higher Audrey McNeil (Oct 25)