The Human Element To A Data Breach
In the immediate aftermath of a cyber attack, your network is going to go into lockdown, set either by the cybercriminal who was able to infiltrate your system, or by your IT team in an attempt to boot the hacker from the network and patch up the compromised code. Until you’re able to get into the network and learn what information and private data were stolen or corrupted, you won’t know the real extent of the damage. But you can be sure of one thing: a significant emotional toll.
Investigating data breaches and the financial cost of rectifying the after effects of cyber attacks from around the world, the Ponemon Institute (an organization that conducts independent research in security policy and data protection) just released their annual Cost of a Data Breach Study. For the purposes of this article, we’re going to look at the research they collected about data breaches in the United States.
The institute found that the average cost of a compromised electronic record in the U.S. was $221, with malicious attacks (ransomware and phishing) found to be the most expensive. It was also learned that the industries targeted most by cybercriminals are:
- Financial Services
- Life Sciences
Cybercriminals go after these services most often because they store very private and very sensitive information, including medical records, banking statements, social security numbers and other confidential data. Companies that experience a data breach lose business as a result, and their brand is forever associated with lax cyber protection and poor customer care. This is what hurts a company the most. It’s not paying a higher cybersecurity insurance policy premium, paying the exorbitant costs of beefing up cyber protection, or even paying the ransom to get their stolen data records back. It’s losing customer faith.
The Face of The Breach
Data breaches hurt all parties involved: the company and the client. When Target was hit by a massive data breach back in 2013, Target CIO Beth Jacob resigned and the company’s chief executive, Gregg Steinhafel, was fired after 35 years with the company. The company has had to pay over $250 million in fees alone. After the breach, Target’s net income went down 46 percent.
Yes, customer data was stolen, and hackers had credit card numbers, birthdates and (in the more extreme cases) social security numbers. But does that mean Target should have rebuilt their security team from scratch? Or should they have offered better training and support? While some reading this article might argue for a cut-and-dried ‘yes’, let’s think for a minute about the staff who did not get the training or support they needed from the higher-ups. Yes, CEOs and CIOs should be let go from a company if they did not put every effort into protecting customers, but what we need to remember is that they also failed their support staff.
Success Starts With Training
If your IT staff or employees have not been briefed on what to do and what not to do on the company network, if they haven’t been taught how to look for signs of a cybersecurity breach, and if they haven’t been sent to workshops and training sessions about cybersecurity and protection, you can surely bet that your company’s firewall is no match for the skilled cybercriminal. Look at what happened to the DNC this past summer. They were a large and reputable organization, until the massive email leak.
Your business is only as strong as its message, and if there are cracks in the network, a hacker will find them. Protect your employees and your customers with training, hands-on experience and care.