Data breaches can be financially devastating, especially to a small business. More than half of small businesses that experience a data breach go out of business within 5 years of that breach. Costs associated with a date breach include remediation payouts, fines, and loss of business due to your damaged reputation.
The Cost
The average cost for a small business who experiences a data breach is over $3,000 per employee. Lost business due to the data breach, is what cost companies the most.
The global average of a data breach is between $1.25 million to $8.19 million, with an average cost of $3.9 million. This statistic brings in data from all types and sizes of organizations. Small businesses had an average cost of $2.6 million. However, per employee, small businesses pay out more for a data breach. Small businesses (less than 1,000 employees) pay $3,533 per employee on average. Large organizations average $204 per employee in the wake of a data breach.
Over the last year, the cost of a data breach has increased by 1.5%. This cost has risen by 12% over the last five years.
The Factors
It is hard to estimate the cost of a data breach if it happens to your small business. It depends on your size, industry, the type of data accessed, and your location. Cyber security data can be hard to pin down due to the nature of the threat. Every day there are new breaches exposing millions of records.
Data breaches occur due to malicious/criminal attacks, system glitches, and human errors. The cause of the data breach can have an impact on the total cost too.
On average, it takes 279 days to identify and contain a breach. This means, for the average business, the cyber-criminal has been on their system for over nine months before any action is taken to stop the attack. By the time anyone knows a breach has happened, the damage has been done. This makes mitigating the cost of a data breach difficult. The sooner a breach is identified and dealt with, the less it will cost a company.
Impact of a Cyber Security Team
Incident response teams are an important part to any organization’s cyber security measures. An incident response team is there to monitor activity and act on anything suspicious that could be a threat. This will help quicken your organization’s response time and allow you to be more effective neutralizing the threat. Incident response plans laid out ahead of any issue will aid in a quick and effective response. On average, companies that have an incident response team in place saved $1.2 million, when an incident occurred.
These statistics have been pulled from IBM and Ponemon Institute’s annual report, “Cost of a Data Breach.” This report also points out that the United States is the hardest-hit country for data breaches and have higher costs associated with them as opposed to other countries. Healthcare is the hardest hit industry.