By Cameron Abbott and Harry Crawford
A recent survey has shown that nearly one-third (29%) of US businesses experienced a data breach in the previous year.
The Hartford Steam Boiler Inspection and Insurance Company, part of global reinsurer Munich Re, conducted the survey which shows that 8 in 10 affected businesses spent at least $5,000 to respond. 27 percent of the businesses spent between US$5,000 and US$50,000 to respond to the data breach and 30 percent spent between US$50,000 and US$100,000, and a considerable portion spent even more than that. The costs were not only directly financial, with two-thirds of the affected businesses reporting their reputation was negatively impacted.
Vendors or contractors are the biggest culprits. Almost half of the breaches (47 percent) were caused by a vendor or contractor working for the business, followed by employee negligence (21%) and lost or stolen mobile devices or storage media (20%).
This survey shows that data breaches are a prevalent business risk, but also that businesses don’t realise this. 51% of surveyed businesses said a lack of knowledge and 41% said a lack of resources would be the biggest hurdle for their organisation to respond to a data breach.
For businesses to protect themselves against the very real risk of costs caused by data breaches, this has to change.
The good news is that businesses can take steps to protect themselves. For example, where the breach is caused by a contractor, the business can hold the contractor liable for damage caused by the breach… but only if the contract has been correctly drafted. A number of our clients are auditing their supply chain for this very reason.