The increase in attack effectiveness and remediation costs, along with new compliance fines, is causing the cost of a data breach to rise significantly.
You’ve heard about some of the largest and most costly data breaches in the past few years. Marriott, Equifax, Epsilon, TJX, and more – all of these breaches have cost hundreds of millions of dollars, with some projected to go above $1 billion in costs. In many ways, this is simply a factor of the number of accounts breached, and the costs to remediate each one.
But, according to Juniper Research, global companies will pay an estimated $5 trillion in fines by 2024, up from $3 trillion this year – a 67% increase. Juniper estimates that the cost has been increasing by 11% annually. This is corroborated by the well-known Ponemon Cost of a Data Breach report, which has that same historical increase pegged at around 12%.
One of the reasons for material increases in the future is the growing trend of data protection laws around personal data. The forthcoming California Consumer Privacy Act (CCPA), which is closely aligned in intent with the EU’s General Data Protection Regulation (GDPR), has fines of between $100 and $750 per consumer, per incident. If you were to take the 148 million records from the Equifax breach and put them in those terms (despite not everyone affected living in California), the cost would be a minimum fine of nearly $15 billion.
It’s going to either get really secure or very costly in the next few years.
Organizations need to have a layered security strategy in place that helps to thwart the majority of attacks. Technologies like DMARC; email, DNS, and web scanning; endpoint security; multi-factor authentication; and Security Awareness Training are just some of the staples that must be put in place within your organization.
With costs projected to only go up, you simply cannot afford not to.