No matter the industry that a business may be active in, it is almost indispensable in this day and age to have an online presence. From a small startup trying to make it big to multinational corporations, a website is the first point of entry to the brand, while every business holds an immense volume of valuable data that is vulnerable to hacker attacks. This means that investing time, effort, and money in safeguarding a high level of cybersecurity has risen to the top of business priorities across sectors. It is often said that it is better to be safe than sorry – even when being safe means investing considerable funds into protecting your company against cybercrime. But why is it so important to be proactive – and what difference does it make for a company?
Why Business Cybersecurity Matters
Implementing a sound proactive cybersecurity plan is very important for two main reasons when it comes to a cost-benefit balance: financial costs and reputation damage. Granted, setting up a comprehensive data security strategy can be complex and financially challenging. It means uncovering hidden risks such as rogue or forgotten databases and protecting data from both external attackers and careless or malicious internal users. It also includes covering several fields: from databases and mainframes to big data and from on-premises to cloud or hybrid environments, evaluating and addressing your business security might seem daunting.
Yet implementing cybersecurity measures can also help you comply with regulatory and privacy requirements, like those enshrined in the new EU General Data Protection Regulation or the PCI DSS standards for companies processing credit and debit card payment. Demonstrating compliance will not only sound more appealing to prospective clients, but it can also help you avoid fines such as those that Article 83 of the GDPR provides for – which can range up to €10 million or 2% of a company’s yearly turnover or €20 million and 4% respectively, according to the type of breach.
Falling victim to cybercriminals can have a devastating impact on a firm’s reputation, which can easily lead to loss of clients. According to research carried out by Ping Identity in 2018, 78% of consumers have stated that they would abandon a specific brand online if they found out they had suffered a data breach, and 36% of respondents insisted that they would stop dealing with the company altogether. Furthermore, 49% of people interviewed in this research, which surveyed over 3,000 individuals across countries such as the UK, the US, Germany, and France, have stated that they would not engage with an app or an online service that had recently experienced such an incident.
Reputational Damage: An Expensive Affair
The trend seems to be more general, as 54% of those surveyed admitted that they were more worried about the security of their personal data than they were the previous year, while 47% stated that they have changed the way they protect their personal information due to recent data breach incidents. Trust is very important for retaining old clients and drawing in new ones – but when word of mouth is bad for a business, then conversion rates drop. It is a well-known fact that Americans have always approached the federal government with caution and some degree of skepticism. Yet after the infamous Cambridge Analytica scandal and accusations that it failed to keep users’ data secure, Facebook’s trust rate was much worse. 60% of respondents stated that they do not trust Facebook with their personal data, while 37% did not trust Google and only 35% did not trust the federal government.
You will find more infographics at Statista
This reputational damage can easily be translated into monetary losses – not only because it takes funds to fight back and mitigate the consequences of a data breach, but also because it helps competitors. As the Harvard Business Review reports, the data breach suffered by healthcare insurance provider Anthem in February 2015 led to its competitor Aetna’s stock price rising by 2.2%, earning roughly $745 million. According to the same source, while Citigroup lost approximately $1.3 billion in 2011, after its stock price dipped responding to a data breach of some 146,000 client records, its loss would amount only to $16 million had it endorsed high transparency and control measures proactively, Instead, the company had to hire roughly 1,000 IT experts and invest $250 million in cybersecurity tools. According to the study published by HBR, higher transparency led to 1.5 times less damage to a company’s stock price, while higher customer control meant that stock prices remained unaffected after the breach.
Data breaches can become a truly costly business – which is why preparing and preventing is of paramount importance for businesses of all sizes.