Restaurant and retail merchants continue to be active targets for cybercriminals, and with the rising costs associated with a data breach, it’s important to know the scope of your risk and what it could mean to your bottom line. While it may seem that a data breach will never affect your company specifically, breaches are far more common than you probably think. Data breach incidents increased by 30% in the first half of 2017.
Over the past five years, the average cost per record lost has increased 20% to an all-time high of $225. Of this sum, $146 accounts for lost customers and the remaining $79 represents the cost to resolve the breach in the way of legal fees, technology investments, and system updates. A breach affecting just 2,000 customer records could mean a $450K loss to your small business. In fact, research conducted by the National Cyber Security Alliance found that as much as 60% of hacked small and medium-sized companies go out of business after six months.
It doesn’t come as a surprise that the leading cause of a breach continues to be malicious and criminal activity, accounting for 52% of breaches in 2017. System glitches and human errors (lack of employee training) share second place, each responsible for 24% of incidents. Not only does malicious intent account for the majority of these incidents, it is also the priciest of the three causes, ringing in at a whopping $244 per compromised record. In contrast, the costs associated with system glitches and human error are substantially lower, at $209 and $200 respectively.
Four new factors now play a role in the 2017 cost analysis, most notably the presence of compliance failures, which increased the cost per record by $19.30. One way to combat a potential breach? Make sure you are adhering to all compliance requirements set forth by the PCI Security Standards Council because, of all the breaches investigated from 2010 to 2016, not a single affected organization was PCI compliant at the time of the breach.
But achieving and maintaining compliance over time is challenging and most likely not core to your business goals. Relying on professionals with compliance and security experience can ease the burden and reduce your monetary risk.
Here are a few questions you should ask of compliance providers to get the most for your money:
- Do you run quarterly scans to detect network or firewall weaknesses?
- If a scan fails, do you help remediate any issues to reestablish security?
- Is there assistance with the attestation of compliance?
- What if I need a QSA to complete my attestation of compliance?
- How do I know which self-assessment questionnaire I am required to complete?
- Do you offer any assistance in training my employees properly to prevent a data breach?
- Is there a resource, in the event of a breach or even for general questions, that can be utilized even after business hours?
NuArx has crafted a security solution that addresses all of the questions above, minimizes the responsibility associated with maintaining secure network compliance, and lets you focus on other things – like running your business. Our Continuous Compliance Management (CCM) solution lends you a second set of hands to assist in securing your assets and safeguarding confidential information retained by your company 100% of the time.
2017 Verizon Payment Security Report
Ponemon Institute 2017 Cost of Data Breach Study
National Cyber Security Alliance