The recently released 2016 Cost of Data Breach Study: Global Analysis, conducted by the Ponemon Institute, offers businesses more than information on how data breach costs have changed and how they affect businesses.  One of the additional pieces of information it includes is a set of data breach cost megatrends.  These trends can serve as guidelines to better information security if you look beyond what is written; that is, if you take a more in-depth approach.

Out of the seven megatrends the study lists, two stand out because they present their insights in a way CEOs and CIOs can understand.  This provides great value when you think about the continued gap in communication between security and business executives.

Let’s take a look at two global megatrends in the 2016 Cost of Data Breach Study and see how a business can go about using this knowledge to take data security to the next level.

The first megatrend is that, since it first conducted the Cost of Data Breach Study, the Ponemon Institute has found that the cost of a data breach hasn’t significantly fluctuated.  This suggests a permanent cost that organizations need to prepare for and factor into their protection strategies.

Knowing this allows a CIO to give the CEO and board an almost exact estimate of the costs they can expect if breached.  Since money is something the executive team is always talking about, the CIO now has a way to communicate about information security in a language the CEO and executive team understand and highly value.

  • No business wants to lose money, so if a CIO is able to give a prediction that is pretty solid in numbers, this can do two things.  First, it gives the higher-ups a clear idea of the value of establishing a solid information security posture; second, by presenting information security in this way, the CIO gains the ear of decision makers and can influence business decisions, such as budget allocation.

The second megatrend involves the financial consequence organizations experience following a breach, which is lost business.  No matter how big or small, a data breach causes customers to lose trust in an organization and take their business elsewhere.

Once more, we find a consistent and measurable cost that speaks to the CEO and executive team.  Retaining customers is something they already take care of in their business strategy, but usually it revolves around user experience and customer satisfaction.  Realizing that a breach does affect customer retention allows a business to prepare accordingly.

  • Instead of waiting for a breach, organizations can start setting up their post-breach customer retention process now.  That would include ensuring you don’t lose data, which means having a business continuity plan that includes more than just a backup of data, and also deciding things like how to notify customers of a breach and what to do to make up for it (this could be a discount or identity theft insurance).

Both of these trends give a clear message to any organization that really wants to stay in business.  They make it clear that a breach has consequences that can shut down a company, but they also share valuable insights on what executives can do to prevent this scenario or, at the very least, reduce the damage of a breach.

If you are a business executive or security professional who is still unclear on the best information security approach to take, or maybe you are ready to take your risk management to the next level, get in touch.

NCX Group is here to help businesses like yours protect your data and stay in business.  All it takes is 15 minutes of your time.

 
