Gemalto’s recently released Data Security Confidence Index uncovers what companies face as a result of suffering a data breach.
27% of respondents said their organisation had suffered a perimeter security breach in the last 12 months, and blamed both internal (65%) and external (79%) sources for the incident. External threats include malicious outsiders, state-sponsored groups and hacktivists.
Either way, what catches the eye is the fact that 92% suffered negative commercial consequences that impacted four key areas: productivity, reputation and clientele, business, and legal.
Development delays and lost market position
Data breaches caused delays in product development (36%), and in getting products or services to the market (28%). Furthermore, they affected employee productivity: 31% of companies saw losses in productivity, and 27% had their bottom line affected.
Decreased customer confidence and loss of clientele
Security incidents had massive effects on companies’ reputation and brand: 30% of companies experienced negative press, which badly impacted the clientele. 26% of organisations saw a drop in customer confidence and 20% lost customers. For SMEs especially, a poor reputation can be detrimental to the survival of the business. Download this free guide to learn more about how to protect your brand reputation.
Loss of business opportunities
Losing customers’ confidence badly impacted ongoing and future business opportunities: 11% of companies lost repeat business, 18% lost new business and 15% lost business to competitors (which probably hadn’t suffered any data breaches).
Paying the price for your information insecurity
22% of organisation incurred fines and penalties following the data breach, and a further 6% had to sustain lawsuits or legal action (probably raised by consumers and shareholders who had their data stolen during the breach).
Nowadays, companies are asked to promptly report any data breach they suffer. With the introduction of the EU General Data Protection Regulation (GDPR) in 2018, all companies will need to notify the local protection authority (in the UK, the Information Commissioner’s Office) of data breaches within 72 hours of their discovery. Download this free paper to read more about the GDPR.
Get basic cyber security hygiene
The UK Government has created a cyber security scheme to help companies implement basic cyber security measures to keep their data and networks safe from internal and external attacks. By achieving a Cyber Essentials certification, your company will improve its resistance to cyber threats, as well as prove to customers, investors and shareholders that it takes cyber security seriously. More than 2,000 UK companies have already achieved Cyber Essentials or Cyber Essential Plus certification.
If you need help in getting started with your Cyber Essentials project, our packaged solutions will provide you with tools, resources and expert advice. See the three packaged solutions.