Home | Tech | Two-thirds of decision-makers expect an information security breach

Two-thirds of decision-makers expect an information security breach

Font size: Decrease font Enlarge font
Two-thirds of decision-makers expect an information security breach

Companies predict 13% drop in revenue and two months to recover from data breach.

According to research from global information security company NTT Com Security, a large majority of business decision-makers admit that their organization will suffer an information security breach, and that the cost of recovery could start from around $1 million.

While 54% of those surveyed say information security is “vital” to their business and nearly a fifth (18%) agree that poor information security is the “single greatest risk,” two-thirds (65%) predict that their organization will suffer a data breach sometime in the future.

Respondents estimate a breach would take nine weeks to recover from and would cost $907,053, on average - even before the cost of any reputational damage, brand erosion and lost business are taken into consideration. Decision makers estimate that around a fifth (19%) of their company's remediation costs would be spent on legal fees, 18% on compensation to customers, 15% on third party resources and 15% on fines or compliance costs. Other expected remediation costs include PR and communications and compensation to suppliers and employees.

The survey of 1,000 non-IT business decision makers in organizations in the UK, US, Germany, France, Sweden, Norway and Switzerland shows that recent high profile data breaches are hitting home. A similar study undertaken in November 2014 revealed that just 10% of an organization's IT budget is spent on information security, compared to 13% this year. Respondents also anticipated a 13% drop in revenue following a breach, compared to 8% in 2014.

According to the report, almost all respondents say they would suffer external and internal impacts if data was stolen in a security breach, including loss of customer confidence (69%) and damage to reputation (60%). One third of business decision makers also expects to resign or expects another senior colleague to resign as a result of a breach.

Garry Sidaway, SVP Security Strategy and Alliances at NTT Com Security, commented: "Attitudes to the real impact of security breaches have started to change, and this is no surprise given the year we have just had. We've seen household brands reeling from the effects of major data breaches, and struggling to manage the potential damage to their customers' data - and the cost to their reputation. While the majority of people we spoke to expect to suffer a breach at some point in the future, most also expect to pay for it - whether that's in term of remediation costs, customer confidence or possibly even their jobs."

The report also shows that less than half (41%) of organizations have some kind of insurance to cover for the financial impact of data loss and a security breach, while 12% are not covered for either. However, over a third (35%) of respondents say they have a dedicated cyber security insurance policy, with 27% in the process of getting one. Around half (52%) have a formal information security policy in place, while 27% are in the process of implementing one.

1 2 »
Join PRESIDENT&CEO on LinkedIn

Subscribe to comments feed Comments (0 posted)

total: | displaying:

Post your comment

  • Bold
  • Italic
  • Underline
  • Quote

Please enter the code you see in the image: