Showing results for 
Search instead for 
Did you mean: 

The Cost of a Security Breach


We know, your SMB customers have a lot on their plates and keeping up with cybersecurity simply isn’t most people’s idea of a good time. For many businesses, SMBs included, it is one of those mundane tasks that should be done regularly… but often gets bumped down to the bottom of the to do list while other tasks are put at the top.


Cost-of-breach-graphic.pngThat is until their systems are breached. A security breach won’t just disrupt normal operations, it can also carry substantial direct and indirect costs that can seriously hurt small and midsized businesses. We think explaining how much damage a breach can do will help your SMB customers understand the importance of keeping up with cybersecurity best practices.


The Cost of a Breach

Estimating the cost of a breach is not a simple task. With so many factors to consider, from the nature and extent of the breach, to the size of the affected company, the damage can vary wildly on a case-to-case basis. That is where the  Ponemon Institute’s annual Cost of Data Breach Studycan help. By studying numerous breaches and their outcomes, Ponemon’s report found the 2014 average breach cost to be $201 per record for companies in the United States.


Although most SMBs will not have that many records affected, it is important to remember that a security breach, no matter how big or small, can have a more substantial effect on SMBs than on larger businesses.


Breaches and Costs can Differ

Just as no business is the same, not all breaches are created equal. Slightly more than half of all data breaches are unintentional, either caused by human error (31%) or a system glitch (25%). However, 44% of breaches are the result of deliberate malicious activity, and these malicious attacks cost more than unintentional breaches—to the tune of $246 per record.


Costs can also vary by industry. Some industries (healthcare, education, and financial services) face a significantly higher per record cost, while others (hospitality, transportation, and retail companies) may face lower than average costs. Different industry verticals face not only different costs, but different incident levels as well.


Indirect Costs of a Breach

The true cost of a data breach is not so much in the breach itself as it is in the after effects that come from the breach. The Ponemon study reported that direct costs, costs related directly to containing and addressing the breach and its immediate effects, accounted for only one third of the total cost of a data breach. This means that two thirds of the costs were indirect! It is important that SMB customers understand that a data breach does not affect just their business systems, but can also have significant carryover effects in terms of business standing and future performance. Indirect costs can have a much greater effect on SMBs than on larger enterprise businesses.


Small Businesses are NOT Immune!

The Verizon 2014 Data Breach Investigation Report further illustrated the fact that small businesses are not immune from security breaches! While large businesses are certainly targeted more frequently (reporting eight times the number of security incidents as small businesses) small businesses are nearly thirteen times more likely to suffer confirmed data loss as a result of a breach.


Another study that surveyed employers in the United Kingdom regarding security breaches, indicates that “[small businesses are] now experiencing incident levels previously only seen in larger organizations”. Fully 60% of small businesses had security breaches in the last year, and 12% detected successful penetrations of their networks.


Defensive Measures

While it is virtually impossible to defend against all data breaches, there are a few common sense security best practices your SMB customers can use to protect their businesses from the most common threats:

-          Stay current with system and security updates

-          Keep hardware up to date

-          Secure vulnerable entry points

-          Be vigilant, and train all staff to be vigilant, with online activity

-          Encrypt sensitive information

-          Conduct security reviews


Read our recent Coffee Coaching blog, Anatomy of a Breach, for more details on how your SMB customers can protect their business and data from security breaches and join the Coffee Coaching community on Facebook, Twitter, YouTube, and LinkedIn.

0 Kudos
About the Author


June 18 - 20
Las Vegas, NV
HPE Discover 2019 Las Vegas
Learn about all things Discover 2019 in  Las Vegas, Nevada, June 18-20, 2019
Read more
Read for dates
HPE at 2019 Technology Events
Learn about the technology events where Hewlett Packard Enterprise will have a presence in 2019.
Read more
View all