Information security breaches cost global businesses around $1m each

Written by on February 10, 2016 in Features with 0 Comments

Companies predict 13 percent drop in revenue and two months to recover from data breach – according to new report from NTT Com Security.

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million. This is according to a new Risk:Value research report from global information security and risk management company, NTT Com Security launched today.

Two thirds of global businesses predict they will suffer a security breach. The cost of such a breach to each organization will be nearly $1m and take two months, on average, to recover from, according to the new Risk:Value 2016 'Security breaches - what's the real cost to your business?' report from information security and risk management company, NTT Com Security, launched today. (PRNewsFoto/NTT Com Security)

While 54 percent of those surveyed say information security is ‘vital’ to their business and nearly a fifth (18 percent) agree that poor information security is the ‘single greatest risk’, two-thirds (65 percent) predict that their organisation will suffer a data breach some time in the future.

Respondents estimate a breach would take nine weeks to recover from and would cost $907,053, on average – even before the cost of any reputational damage, brand erosion and lost business are taken into consideration. Decision makers estimate that around a fifth (19 percent) of their company’s remediation costs would be spent on legal fees, 18 percent on compensation to customers, 15 percent on third party resources and 15 percent on fines or compliance costs. Other expected remediation costs include PR and communications and compensation to suppliers and employees.

The survey of 1,000 non-IT business decision makers in organisations in the UK, US, Germany, France, Sweden, Norway and Switzerland shows that recent high profile data breaches are hitting home. A similar Risk:Value report carried out by NTT Com Security in November 2014 revealed that just 10 percent of an organisation’s IT budget is spent on information security, compared to 13 percent this year. Respondents also anticipated a 13 percent drop in revenue following a breach, compared to 8 percent in 2014.

According to the report, almost all respondents say they would suffer external and internal impacts if data was stolen in a security breach, including loss of customer confidence (69 percent) and damage to reputation (60 percent). One third of business decision makers also expects to resign or expects another senior colleague to resign as a result of a breach.

Garry Sidaway, SVP Security Strategy and Alliances at NTT Com Security, commented: “Attitudes to the real impact of security breaches have started to change, and this is no surprise given the year we have just had. We’ve seen household brands reeling from the effects of major data breaches, and struggling to manage the potential damage to their customers’ data – and the cost to their reputation. While the majority of people we spoke to expect to suffer a breach at some point in the future, most also expect to pay for it – whether that’s in term of remediation costs, customer confidence or possibly even their jobs.”

The report also shows that less than half (41 percent) of organisations have some kind of insurance to cover for the financial impact of data loss and a security breach, while 12 percent are not covered for either. However, over a third (35 percent) of respondents say they have a dedicated cyber security insurance policy, with 27 percent in the process of getting one. Around half (52 percent) have a formal information security policy in place, while 27 percent are in the process of implementing one.

Other survey highlights:

  • Only around one in five (22 percent) respondents report that all of their organisation’s data is completely secure
  • Consumer (57 percent) and business (55 percent) customer data are the types of data that respondents are most likely to say that their organisation needs to protect
  • Three in ten (30 percent) respondents say that more is spent on human resources (HR) than information security
  • Almost all respondents report that there would be external (98 percent) and internal (98 percent) impacts if their organisation had information stolen in a security breach.

The Risk:Value Executive Summary report can be downloaded here

Tags: , , ,

About the Author

About the Author: From our press centre we select the top industry news stories from the leading online publications and wire services and bring them straight to you. .


If you enjoyed this article, subscribe now to receive more just like it.

Subscribe via RSS Feed

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.