Many modern businesses are making a fortune from trading in user data. In fact, our personal information is bought and sold so often now that we no longer consider it remarkable. We continue to hand over our private data willingly to large corporations, fully aware that they will likely try and monetize it. However, there have been a number of incidents over the last couple of decades where vast quantities of personal data have been stolen in targeted cyber attacks. In fact, this occurs at a much higher rate than many of us realize.
A Regular Occurrence
Every day, approximately five million data records are stolen, or in some cases misplaced. That means all that information, which works out as 58 records every second, either goes directly into the hands of cybercriminals or is left unsecured for anyone to exploit it. High profile data leaks, such as the infamous Equifax breach of last year, occur at an alarming frequency, but many smaller incidents go unreported or unnoticed.
The costs of these data breaches can be significant. Direct costs of such events often take the form of stock devaluations, regulatory fines, and other penalties for the data’s guardian, but there are also a variety of more hidden costs that need to be taken into account. In some cases, these can be even more significant.
In the immediate aftermath of many data breaches, the total impact is grossly underestimated. In some cases, this has actually worked in favor of the businesses that lose data. When a breach is discovered, a prompt response will not only minimize the severity of any regulatory action; it will also reduce the loss of confidence among consumers. The first headlines also tend to generate more attention than later updates on the situation, meaning that it is better for businesses to be judged on those initial assessments.
In 2013, Yahoo suffered a data breach that wasn’t unearthed until October 2016. When it was finally discovered, Verizon, who were in the process of purchasing Yahoo at the time, deducted $350 million from their acquisition offer.
In 2017, the Ponemon Institute published a study that suggested the global average cost of data breaches was $3.6 million, which works out at $141 per data record. These figures are lower than the calculations of the previous year. However, it should also be noted that the average size of data leaks increased over the same period. The size of such an incident is a significant factor in determining the overall cost, as well as the overall impact on the business’s reputation.
The introduction of the General Data Protection Regulations (GDPR) in the EU could mean that the costs of future breaches are significantly higher. In light of this, businesses will hopefully begin to take their obligations with our data more seriously.
Responding to Major Breaches
Data is precious, and anything with such a high perceived value is going to be targeted by thieves and criminals. All businesses should assume that external actors will try to access their systems and steal any sensitive data that they are storing. Therefore, companies should be looking for ways to protect themselves and reduce the chances of this occurring. They should also ensure they have clear procedures in place for when breaches do occur.
Remember, having an excellent cybersecurity infrastructure protecting your key business systems is no good if your workers aren’t protecting their data. Many businesses use cloud storage and sharing to allow for remote working. You should ensure that anyone connecting to your network remotely is using a VPN. It will ensure that the sensitive data they transmit to and receive from your business’s servers will be kept safe. In India, VPNs are plenty to choose from, so pick the one that your business will benefit from the most.
You don’t need to look any further than the Equifax breach to see the folly in delaying acknowledgment of any data breaches. Your workers should not only be more aware of the best practices for keeping information safe – you should also work with them to formulate a plan of response in case a leak still occurs.
Data breaches can be very costly for businesses that do not prepare for them. You should make sure you understand the relevant laws, regulations, and penalties that apply to these cases. Knowing this information will make it much easier to prevent and react to any loss of user data.