It’s important for businesses to determine the cost of a potential data breach, so they can know how much money is worth investing in security.
Some companies are tempted by the instant savings offered by cutting security budgets, but the long-term costs of this strategy can be great. However, if a business can determine that a data breach would cost them $100 million, then an investment of $10 million in cyber-security would not be unreasonable.
According to the Ponemon Institute’s 2014 Cost of Data Breach Study, the average breach in the United States costs $195 per record lost, or approximately $5.85 million in total. The Ponemon Institute lists the usual expenses incurred as the result of a breach, including the hiring of forensics experts to conduct the investigation, as well as hotline support, customer notification and free credit monitoring for affected customers.
However, there are many additional costs that follow a breach. For instance, analysts at Macquarie Research estimate that Sony will be spending up to $83 million rebuilding internal computer networks and instating new security systems. There are also legal fees to consider, as well as the loss of business during the time of the breach.
Businesses that suffer security breaches also have to deal with intangible costs, such as loss of consumer trust. Target, for example, has taken many months to recover from its 2013 cyber-attack that resulted in leaked customer payment card numbers.
These costs can quickly pile up to make a data breach difficult for a company to recover from, which is why it’s important to estimate damages ahead of time so you can invest in the appropriate levels of security. Make sure your point of sale computer systems are up-to-date and secure, so you can rest assured you’re protecting your customer’s information as well as your business.