Whether you’re planning to open a new division in the Bay Area or are worried about what will happen when you double your employee roster this year, you must keep your organization’s sensitive data safe. According to the 2015 Cost of Data Breach Study conducted by Ponemon Institute and sponsored by IBM, the average cost for each record containing confidential information increased from $201 to $217 in 2015. The total average cost paid by organizations as a result of data breaches increased from $5.9 million to $6.5 million year-by-year, and the numbers are likely to increase over the long term.
Educating your employees
With malicious attacks being responsible for nearly half of all incidents, companies are doing their best to keep their security systems up-to-date. However, according to the results of the Ponemon study, human error is still accountable for 19 percent of data breaches that lead to an average loss of $198 per record. It’s less expensive than an outside criminal attack, yet any security system can be compromised by an undereducated employee, and the overall cost of negligence remains high.
When it comes to training, teaching your employees how to use equipment or software and how to connect to a computer remotely is only part of the picture. BYOD is spreading, but people who still use USB and other devices that are far from being 100 percent safe often lack a basic understanding of this concept in terms of security. Thus, your employees also need to know how to safeguard the company’s data along with the private client information, both at work and at home.
Evaluating your efforts
No matter how heavily you invest in state-of-the-art technologies, or how complex the whole defense system may seem, there still might be a needle in the haystack. According to the same study by Ponemon and IBM, detection and escalation costs were at a record high in 2015, which includes assessment, auditing, crisis management, and other related services. Although these costs increased dramatically up to $0.61 million, which is a good sign, post-data breach spendings are still higher and amount to $1.64 million.
All this means that some organizations are starting to realize the power of evaluation and auditing, yet most of them underestimate the importance of these processes and their contribution to the overall effectiveness of a dedicated security program. In this light, your security efforts and the data flows within your organization should be continuously and thoroughly evaluated, with both management and personnel being actively involved in the auditing procedures. This will help you identify weak points of your system, get rid of unneeded data flows, stay on top of all critical information, and in the end cut the costs and plan your future investments accordingly.