Coffee Coaching
Showing results for 
Search instead for 
Do you mean 

The Cost of a Security Breach

Xani on ‎06-16-2014 09:53 AM

We know, your SMB customers have a lot on their plates and keeping up with cybersecurity simply isn’t most people’s idea of a good time. For many businesses, SMBs included, it is one of those mundane tasks that should be done regularly… but often gets bumped down to the bottom of the to do list while other tasks are put at the top.


Cost-of-breach-graphic.pngThat is until their systems are breached. A security breach won’t just disrupt normal operations, it can also carry substantial direct and indirect costs that can seriously hurt small and midsized businesses. We think explaining how much damage a breach can do will help your SMB customers understand the importance of keeping up with cybersecurity best practices.


The Cost of a Breach

Estimating the cost of a breach is not a simple task. With so many factors to consider, from the nature and extent of the breach, to the size of the affected company, the damage can vary wildly on a case-to-case basis. That is where the  Ponemon Institute’s annual Cost of Data Breach Studycan help. By studying numerous breaches and their outcomes, Ponemon’s report found the 2014 average breach cost to be $201 per record for companies in the United States.


Although most SMBs will not have that many records affected, it is important to remember that a security breach, no matter how big or small, can have a more substantial effect on SMBs than on larger businesses.


Breaches and Costs can Differ

Just as no business is the same, not all breaches are created equal. Slightly more than half of all data breaches are unintentional, either caused by human error (31%) or a system glitch (25%). However, 44% of breaches are the result of deliberate malicious activity, and these malicious attacks cost more than unintentional breaches—to the tune of $246 per record.


Costs can also vary by industry. Some industries (healthcare, education, and financial services) face a significantly higher per record cost, while others (hospitality, transportation, and retail companies) may face lower than average costs. Different industry verticals face not only different costs, but different incident levels as well.


Indirect Costs of a Breach

The true cost of a data breach is not so much in the breach itself as it is in the after effects that come from the breach. The Ponemon study reported that direct costs, costs related directly to containing and addressing the breach and its immediate effects, accounted for only one third of the total cost of a data breach. This means that two thirds of the costs were indirect! It is important that SMB customers understand that a data breach does not affect just their business systems, but can also have significant carryover effects in terms of business standing and future performance. Indirect costs can have a much greater effect on SMBs than on larger enterprise businesses.


Small Businesses are NOT Immune!

The Verizon 2014 Data Breach Investigation Report further illustrated the fact that small businesses are not immune from security breaches! While large businesses are certainly targeted more frequently (reporting eight times the number of security incidents as small businesses) small businesses are nearly thirteen times more likely to suffer confirmed data loss as a result of a breach.


Another study that surveyed employers in the United Kingdom regarding security breaches, indicates that “[small businesses are] now experiencing incident levels previously only seen in larger organizations”. Fully 60% of small businesses had security breaches in the last year, and 12% detected successful penetrations of their networks.


Defensive Measures

While it is virtually impossible to defend against all data breaches, there are a few common sense security best practices your SMB customers can use to protect their businesses from the most common threats:

-          Stay current with system and security updates

-          Keep hardware up to date

-          Secure vulnerable entry points

-          Be vigilant, and train all staff to be vigilant, with online activity

-          Encrypt sensitive information

-          Conduct security reviews


Read our recent Coffee Coaching blog, Anatomy of a Breach, for more details on how your SMB customers can protect their business and data from security breaches and join the Coffee Coaching community on Facebook, Twitter, YouTube, and LinkedIn.

About the Author


Leave a Comment

We encourage you to share your comments on this post. Comments are moderated and will be reviewed
and posted as promptly as possible during regular business hours

To ensure your comment is published, be sure to follow the Community Guidelines.

Be sure to enter a unique name. You can't reuse a name that's already in use.
Be sure to enter a unique email address. You can't reuse an email address that's already in use.
Type the characters you see in the picture above.Type the words you hear.
1-3 December 2015
Discover 2015 London
Discover 2015 in London, the ultimate showcase technology event for business and IT professionals to learn, connect, and grow.
Read more
November 2015
Software Online Expert Days
Join us online to talk directly with our Software experts.
Read more
View all