According to the Identity Theft Resource Center, the number of data breaches tracked in the United States reached an all-time high of 1,579 in 2017. This represents a 44.7% increase over the number of breaches reported in 2016.
As of July 2, 2018, there have been 668 breaches consisting of 22,408,258 exposed records.
When an incident occurs, the natural reaction is to think about the short-term impact. Most companies focus on assessing the damage; developing a response; and securing funds to pay for fines, legal fees, consulting third parties, and consumer identity protection services. The real challenge is to mitigate risk to the organisation from the long-term effects, such as class-action lawsuits, damage to brand reputation, erosion of consumer trust, and lost business opportunities. This paper takes an in-depth look at the true costs - both short and long term - of a data breach, and provides steps and tips that executive teams and security leaders can use to determine and reduce the true cost of a data breach.
Recent high-profile breaches have resulted in executive shakeups and measurable breach costs as high as nine figures after insurance and deductions. However, calculating the intangible long-term costs is difficult due to the many variables that can negatively impact the bottom line. Organisations that have experienced recent data breaches are still in the process of uncovering these costs, such as: business opportunities lost due to the distraction of these crises, erosion of investor and consumer confidence, abnormal churn, and increased acquisition costs just to name a few. Before delving into these costs and how to assess and develop effective strategies, it's important to understand the nature of the threat.