We now know more than we’ve ever known about the true cost of a data breach. In addition to survey-based research, costs are discussed openly in quarterly reporting calls, made available via court documents, reported in the news, and apparent in stock values. The available information has taught us that data breach cost totals are staggering.
So, just what is the real cost of a data breach? To help answer this question, here is a look at several recent and past headline-making incidents.
May 13, 2019, SC Magazine: Equifax data breach recovery costs pass $1 billion. According to the story:
In Equifax’s latest Security and Exchange Commission filing the company is estimating it has spent about $1.4 billion recovering from its 2017 data breach that exposed the PII of 148 million customers, according to a published report.
May 15, 2019, Info Security Magazine: Companies' Stock Value Dropped 7.5% after Data Breaches. This is a story about a study of how breaches impacted Marriott, Equifax, and Yahoo! According to the news:
Publicly traded companies suffered an average drop of 7.5% in their stock values and a mean market cap loss of $5.4 billion per company, and it reportedly took 46 days, on average, for those stock prices to return to their pre-breach levels. To date, the stock price of Equifax has not yet recovered.
March 29, 2018, CNBC: Under Armour says data breach affected about 150 million MyFitnessPal accounts. According to this story:
Shares of Under Armour dropped 3.8 percent, before paring losses, after the active-wear company informed users of its online fitness and nutrition website their data had been compromised.
March 19, 2018, The Verge: Facebook stock tanks after data breach report, shaving billions off the company’s market value. According to the news:
Facebook’s stock has tanked after revelations that the company had shared the data of up to 50 million users with the political data analytics company Cambridge Analytica. By noon ET on Monday, it’s dropped by nearly 7 percent — the most that Facebook has fallen in a single day in over five years.
Scare Tactic, Hardly
There was a time when pointing out the negative economic factors driven by data breaches was considered to be a “scare tactic” used by some vendors. The negative economic factors that follow a breach are no longer the subject of speculation though. As the aforementioned shows, data breach costs are now indisputable monetary facts. They exist regardless of how frightening they may or may not be. The truth about them is something that no organization can afford to disregard.
Avoiding the High Cost of a Breach
The only way to reduce the risk of being impacted by a data breach is to either stop doing business on the internet or to take steps to defend against threats. The former isn’t likely to happen at your company anytime soon (even if it did, you’d still have that “air gap” thing to contend with).
To protect your organization against cyber threats, you will have to take a multi-layered approach, which includes the use of traditional technologies and newer innovations. No single vendor has a security silver bullet.
How Anomali Helps
It is becoming widely accepted that enterprises which utilize threat intelligence as part of their security stacks are better able to address cyber threats. The value threat intelligence provides has prompted leading analyst firms such as Gartner, Forrester, IDC, ESG, and 451 to write about it extensively.
The Anomali Threat Platform automates all processes for collecting, managing and integrating threat intelligence from multiple sources. This gives security analysts the tools and resources needed to quickly respond to active threats and attacks. With the help of Anomali, organizations are detecting their adversaries, understanding who they are, and quickly responding to them. To learn more about the Anomali platform, get the Managing Threat Intelligence Playbook.
Joe Franscella is a Senior Director of Strategy at Anomali. Over the course of his career, he’s led strategies at numerous cybersecurity companies that have helped them to convey the value that their solutions deliver to the market. He is passionate about helping all organizations to defend themselves against advanced cyberthreats.