What if the worst happened, and you discovered that hackers had absconded with your critical company data? Quantifying the cost in dollars is difficult, but it’s important to understand what the scope of your liability will be. Ultimately, it comes down to what is stolen in the data breach and how much of it was stolen.
Data Breach Cost Variables
- Cost of recovery
- Cost of downtime
- Cost of litigation
- Cost of settlement or award
- Cost of lost opportunity
The cost of recovery and downtime are roughly the same for all data breaches. Forensic discovery of what happened generally costs about $10K-$100K depending on the size of your network. You can assume that downtime will be about 5 days of business revenue loss due to lockdown, incident response, and IT recovery services.
The cost of litigation outside of settlement is also in the tens of thousands but usually covered by existing insurance.
Data breaches fall into a couple of relatively well-defined categories
Consumer Private Information
In a consumer information data breach, the costs are pretty well set by existing case law: Depending on the size of the breach, the costs will generally come down to between $2 and $20 per consumer’s lost data record. That means if you’ve got data regarding 10 million shoppers, your liability could approach $100M. For California consumers who are covered by the CCPA, and European consumers who are covered by the GDPR, statutory damages of $100 per lost record apply, but those are usually negotiated down in settlement. In all cases, figure no less than $5M and unlikely to be over $100M unless you’re a Fortune 500 company.
Payment Card Data breach
In a payment card data breach, you’re likely to be sued by two different plaintiff classes: consumers whose accounts were stolen and your merchant card processor to recover the costs of replacing the stolen credit cards. The consumer side of the case will wind up just like a consumer information data breach, and you’ll additionally settle with the financial industry plaintiffs for something along the lines of $1 per card breached.
Intellectual Property Data Breach
In an intellectual property data breach, the costs and consequences are very nebulous and depend entirely on who took your secret information and what they did with it. The consequences range from nothing to the dissolution of your business, depending on what would happen if your secret recipe was disclosed publicly. It’s sometimes the case that your own investors will sue you to recover their investment if you’ve lost the advantage that they invested in.
How Connetic Can Help
In all of these cases, the costs of data breaches are vastly higher than the cost of proper IT security and IT Support. The Connetic team has the unique training, knowledge, and expertise necessary to ameliorate risks by implementing security through comprehensive security audit practices, security framework compliance, and the comprehensive implementation of security solutions. Learn more about Connetic’s IT services and their approach to data security: CLICK HERE.