Cost of Security Breaches Are Lower Than Expected

For the average American company, the cost of cyber breaches are not as much as estimated by experts. Researchers from RAND Corporation found that the average cost of a breach was $200,000, which is less than 0.4 percent of a typical company’s annual revenue. That figure is about equal to a company’s annual information security budget.

Although the importance of cyber safety has been a huge issue in recent years, experts at RAND said that some companies overestimate the importance. However, they did not criticize companies for taking extra precautions. Breaches among American companies have made front-page news over the last decade and have pinpointed risky practices that put millions of individuals’ personal information at risk. Many experts maintain that there could still be a digital apocalypse if bigger American corporations do not increase their efforts to fight hackers.

This study was performed because of an executive order issued by President Obama in 2013, which directed the National Institute for Standards and Technology to come up with some voluntary guidelines that addressed online security. That policy was enacted following a public concern about attacks online rising because of major breaches such as those that happened to Target and other large corporations. The study looked at 12,000 incidents compiled by a company that gathers information about reported breaches.

Incidents from several categories were examined. They included security incidents that led to stolen intellectual property or the disruption of services. Skimming, phishing and malicious harvesting were also some methods of attacks. Several attacks were on cell phones, and many were on computers.

Experts found that security breaches had increased from only 64 in 2012 to well over 250 in 2014. Government entities, health care organizations and financial institutions were the most common targets. When looking at the financial implications of the attacks, experts said that notifying consumers, finding the cause of the breach, paying for monitoring, dealing with legal actions and increasing customer support were some of the biggest expenses for companies.

Although these were the biggest costs, researchers at RAND said that they were not unreasonable in amounts. Also, they were lower in comparison with the cost of dealing with theft, fraud, bad debt and corruption within a corporation. Research also showed that consumers were typically satisfied with companies’ responses to security breaches.

Experts suggested that programs designed to reduce premiums in an exchange for increasing security measures may be an effective strategy to combat breaches. Small businesses must remain vigilant and take responsibility for protecting the personal information of their clients.

Let us help you make informed decision about your business insurance needs.  Our licensed agents specialize in cyber liability insurance, give us a call today at 844-325-9516.