2019 in Review: Year of the Breach
Over the past year, over 7.9 Billion Records have been breached across the planet. These records include your name, phone number, home address, e-mail address, account names and passwords, pictures, health-records, and payment info. The hacked information is being used to create even more powerful phishing attacks, steal identities, gain access to higher-level accounts, and more. Although the biggest breaches grab the headlines, many of the most costly breaches are for small and medium businesses. The truth is, everyone is vulnerable and the cost of these breaches is increasing.
The words "unsecured database" seemed to run on repeat through security journalism in 2019. Every month, another company was asking its customers to change their passwords and report any damage. Cloud-based storage companies like Amazon Web Services and ElasticSearch repeatedly saw their names surface in stories of negligent companies -- in the fields of health care, hospitality, government and elsewhere -- which left sensitive customer data unprotected in the open wilds of the internet, to be bought and sold by hackers who barely had to lift a finger to find it.
According to an IBM study, the impacts of these breaches are felt heavily by Small and Medium companies.
The financial consequences of a data breach can be particularly acute for small and midsize businesses. In the study, companies with less than 500 employees suffered losses of more than $2.5 million on average – a potentially crippling amount for small businesses, which typically earn $50 million or less in annual revenue.
So, what can be done? First, start by treating customer data with the care that it is deserved. If a business believes that personal data is owned by their customer, they transform how they store their data. Second, use tools to secure and abstract customer data. This is what ROWND is working on RIGHT NOW. We will allow apps and websites to leap forward with a model that gives their customers data the focus and status it deserves.
Some more from IBM:
Number of compromised records: Data breaches cost companies around $150 per record that was lost or stolen.
Companies that fully deployed security automation technologies experienced around half the cost of a breach ($2.65 million average) compared to those that did not have these technologies deployed ($5.16 million average).
Extensive use of encryption was also a top cost saving factor, reducing the total cost of a breach by $360,000.
Breaches originating from a third party – such as a partner or supplier – cost companies $370,000 more than average, emphasizing the need for companies to closely vet the security of the companies they do business with, align security standards, and actively monitor third-party access.