What does a security breach cost?

Data sharing amongst businesses and consumers is increasing, the amount of consumer data stored on business servers and workstations is growing at an exponential rate and email is becoming the standard to communicate everything from personal data to financial data and everything in between. This has created a ripe environment for unethical people of all types to cash in on consumer data. These individuals may be anyone from a hacker to someone you know to an employee. Employee theft to loss of laptops, flash drives and portable hard disks in some estimates, account for 90% of all security breaches.

The Known Costs

There are many costs associated with a security breach that can be assigned a real dollar amount. Quantifiable costs are security upgrades, equipment upgrades, replacing lost or stolen devices and upgrading physical security.

In California, law requires a company to contact every customer to let them know there was a data breach whether their data was compromised or not. This would include postage and the manpower to put together the notification.

The Unknown Costs

These costs are harder to put an exact dollar figure to. Lost trust by clients and customers, potential investor and customer lawsuits, loss of new business and in publicly traded companies, potential loss of share price. Recovery of brand name and image may take years or may never achieve the level prior to the breach.

For larger companies, these costs are a drain to company resources and may cause heads to roll, but for smaller companies, the damage from a security breach could lead to closing their doors, permanently.

The damage from a security breach is hard to measure in hard dollars. The long term prognosis for any small to midsize firm hit with a major security breach is bleak. Competition will likely use that to their advantage every step of the way to take away customer base even though customers will start looking for a company that has better controls on their security to prevent such a breach.

There are many things a business can do to prevent or limit the impact of a security breach. Knowing where the weaknesses are, understanding the impact of the data that you house, and knowing the implications if the data was to fall into the wrong hands will go a long way to keep the data secure and in the proper hands.

E-Mail Phishing and Safe Browsing

A Nigerian Prince has left you $8,000,000.00, a long lost uncle in England has left you $5,000,000.00, or an Iraqi war veteran just happened to find you to help get millions out of Iraq. All you have to do is send them some money to help out or provide a bank account number for them to transfer the money. The package you never sent, never arrived, but UPS, Fedex, and DHL all have a shipping document for you to look over.

You open up a web page and before you can finish blinking a big warning message tells you your computer is infected and that you should install this antivirus software to clean it. An odd message pops up on your workstation telling you that your computer is trying to download virus onto your computer.

These are just a few of the ways that scammers work. These emails are designed to trick you into giving your money away or by opening an email attachment that puts malware on your computer that steals all of your usernames and passwords. Web based phishing scams are designed to have you buy something with your credit card, next thing you know, you have purchased many other things that you didn’t know about.

These phishing schemes target users on all platforms. But protecting yourself is easy if you just practice a few safe computing tips:

1. If you don’t know who sent you the email, don’t open it. If you do open it, don’t open the attachment.

2. Use antivirus and a spam filter. There are many free antivirus programs for personal use and if you’re a business purchase software that covers your servers and workstations.

3. Don’t respond to emails promising large sums of cash. If it sounds too good to be true, it probably is.

4. If you are browsing the web and get redirected to a page you didn’t expect, close the web browser down immediately. Clicking no is the same as clicking yes and that is where the trouble starts. If you can’t close the browser, shut the computer off. The less time malware has of installing onto your system, the better chance you have of it not getting there.

5. Get your music and movies from reputable resources. If you use a peer to peer file sharing service, then you are asking for trouble and it is a safe bet, that trouble will find you.

If you think you are infected and can’t fix it yourself, get help immediately. The longer it sits on your system, the more chance it has of getting passwords, usernames, and credit cards just to name a few. Practicing safe email and browsing will save you a lot of headaches and keep your computer running smooth.