How Business Continuity Management Affects the Cost of a Data Breach
It’s a story we hear all too often — the nightly news anchor reports on yet another data breach at a major corporation that affected millions of customers. IT systems go down, important records are exposed, credit card numbers are compromised and identities are subsequently bought and sold on dark corners of the internet. The road to recovery is a long one, and it can leave a blemish that some organizations’ business continuity management (BCM) has a hard time erasing.
The Real Cost of a Data Breach
As the business world has seen, technology is moving faster than anyone could have expected. Data is the world’s new most precious resource, and it is integral to the business interactions you experience every day.
The Ponemon Institute’s “2016 Cost of Data Breach Study: Impact of Business Continuity Management,” sponsored by IBM, surveyed 383 companies across 12 countries. Results suggest the cost of a data breach increased 29 percent since 2013, up to $4 million, and the cost of a stolen record grew by around 10 percent.
This new reality has forced businesses to evaluate how prepared they are to defend against data breaches and other disruptions that could cause a significant blow to an organization’s finances and reputation. The study results show that BCM programs can reduce the following:
- The per-capita cost of data breach;
- The mean time to identify and contain a data breach;
- The likelihood of experiencing a similar incident in the near future.
While 52 percent of companies in the global study have an active BCM team dedicated to preventing data breaches — and results show their efforts make the resolution of data breaches more efficient and less costly — not everyone is equally prepared.
No Time to Waste
When organizations encounter a data breach, speed in identifying and fixing the issue is paramount. Research has shown that the longer it takes to discover an incident, the harder and more costly it will be to contain and solve it. Agility and efficiency are top of mind today when it comes to succeeding in the enterprise, and those two objectives apply to BCM as well.
The Ponemon research found that it took companies without a BCM strategy 52 days longer to identify a breach than those that had a strategy to manage business continuity. Similarly, it took those without BCM involvement an average of 36 days longer to contain a breach than those with BCM involvement.
The Value of Preparedness in Business Continuity Management
The negative effect a data breach can and will have on a company’s bottom line is unavoidable. When disruptions hit, leaders find themselves in the unenviable position of having to redirect key people and resources away from ordinary business and onto the front lines of data breach defense, causing the organization to make investments in places they’d rather avoid altogether.
According to the study, the total cost of a data breach decreased by 15 percent when companies had a BCM strategy. Further, 78 percent of those without BCM involvement had a material disruption to business operations after a data breach. This drops to 52 percent for companies employing BCM.
Taking Care of Business
Through the numbers, it’s plain to see that data breaches and other business disruptions are harmful to the health of a company and its customers. As technology becomes more sophisticated, the people and systems designed to exploit that technology will do the same.
With 60 percent of companies without BCM saying their company’s brand and reputation were affected by a data breach, it’s imperative that leaders promote environments in which BCM is given a strong voice that permeates corporate culture through communication and collective vigilance. Without it, companies are leaving themselves open to unnecessary risks they may ultimately not be able to afford in today’s hypercompetitive world.