Data breaches are in the news a lot these days. It seems that you can't turn around without hearing about a new one, and they seem to keep getting worse and more far-reaching. Consumers are concerned about data breaches, and many can be reluctant to do business with a company that has a history of data breaches.
Small businesses and startups, in particular, may not be familiar with the threats or with their responsibilities to mitigate those risks, so it's important to take steps to prevent data breaches no matter what type of business you have or where the threats may be coming from. The first step is to recognize where most of the threats originate, and it may not be where you think.
A Very Large Percentage Of Data Breaches Are Traced Back To Third Parties
By one estimate, as many as 63% of data breaches are traced back to a third party vendor. Many of the major data breaches that have made the news in recent years - Target, CiCi's Pizza, Wendy's, DoTERRA - have been traced back to third party vendors.
All Businesses Depend On Third Party Vendors
Whether you have a brand new startup or a mega corporation, all businesses depend on third parties for things like billing services, mailing services, equipment rentals, and telecommunications. Third party vendors can be a lifeline when you have a startup or small business, as your time is often better spent on things other than billing and sending postcards. This dependency, however, has some drawbacks.
Even If A Vendor Is Responsible For Your Data Breach, You Are Responsible For Fixing It
The average cost of a data breach is $4 million, and the average cost per record breached is $158. These costs are on the rise and can vary widely based on the industry in which the data breach occurred. Medical data is considerably more expensive to clean up, clocking in a $355 per record breached. The cost of remedying data breaches per industry include:
- $355 per healthcare record
- $246 per education record
- $129 per transportation record
- $112 per research record
- $80 per public sector record
Even if you are not directly responsible for a data breach, you are responsible for those you hire to do work for you including the people who rent you your fax machines and send your patient's appointment reminder postcards. Taking necessary precautions can mean the difference between thriving or going out of business.
Data Breaches Can Lead To Customer Loss
Data breaches do more than just cost your company money. They can decrease consumer confidence in your company, which can lead to a massive loss of customers. According to an Inc. analysis of a Cisco survey:
- More than 50 percent of organizations faced public scrutiny after a security breach. Operations and finance systems were the most affected, followed by brand reputation and customer retention. (If you own or work for business, take note: data breaches have repercussions.)
- For organizations that suffered a breach, the effect was substantial: 22% of breached organizations lost customers -- 40% of them lost more than a fifth of their customer base. 29% lost revenue, with 38% of that group losing more than a fifth of their revenue. 23% of breached organizations lost business opportunities, with 42% of them losing more than a fifth of such opportunities. (The repercussions are quite costly.)"
- CSO's cite budget constraints, poor compatibility of systems, and a lack of trained talent as the biggest barriers to advancing their security postures. Security leaders also reveal that their security departments are increasingly complex environments with nearly two-thirds of organizations using six or more security products - some with even more than 50! - increasing the potential for security effectiveness gaps and mistakes. (Complexity and a lack of skilled professionals are putting businesses at risk.)
How To Protect Your Business And Customers
It's tempting to work with a third party vendor that comes in with the best price on whatever service you need but consider the cost of fixing a data breach if they are negligent. An ounce of prevention is worth a pound of cure, after all. Some of the certifications you can look for in a third-party vendor include:
- AICPA SOC
- ISO 9001
Data breaches are a major threat to most businesses, and if you aren't prepared, you could be caught off guard. Protect your business and your customers by preparing for a data breach before it happens. Learn more about the danger of data breaches from this infographic from United Mail.