According to a new Ponemon Survey, the negative effects of a data breach last about one year. That is, it takes that long to restore a company's reputation to its pre-breach levels. The use of laptop encryption software like AlertBoot and other data security tools will minimize the risk of such a thing happening. Is it worth it? With an average damage of 12%, I'd say so.
The survey polled 850 execs. According to survey results: The brand is tarnished for one year, on average (if you're looking to restore your brand) Brand value loss ranges from 12% to 25% in extreme cases 42% did not have a data breach response before the breach Of course, the value of a brand is not something that can be precisely assessed, so the numbers above are a little suspect. What's not suspect is the 42% figure. While I was aware that many companies react to breaches (e.g., encryption software for laptops are deployed company-wide after a laptop with sensitive information is lost or stolen), I didn't realize it was so in nearly half the cases.
The survey polled 850 execs. According to survey results:
Of course, the value of a brand is not something that can be precisely assessed, so the numbers above are a little suspect. What's not suspect is the 42% figure. While I was aware that many companies react to breaches (e.g., encryption software for laptops are deployed company-wide after a laptop with sensitive information is lost or stolen), I didn't realize it was so in nearly half the cases.
It should be noted that the above survey was conducted on very large companies: Depending upon the type of information lost as a result of the breach, the average loss in the value of the brand ranged from $184 million to more than $330 million, with an average brand value prior to the breach of $1.5 billion. Hence, the minimum brand damage was a 12 percent loss, increasing to nearly a one-quarter loss of the brand value in some instances.[prnewswire.com] What does this mean for SMBs? It could be that for such concerns, recovering from a data breach could be neigh impossible if it affects a large percentage of clients. Other dangers apply as well: for example, it's not uncommon knowledge that SMBs have a harder time defending themselves against lawsuits due to its disproportionate impact on, well, pretty much everything. About four years ago, when TJX had its massive data breach, I had reported the fact that TJX's revenues actually had gone up since the breach. I had noted that perhaps this could be explained by the fact that the breach had coincided with the beginning of what is now called the "Great Recession." Had a concern like Whole Foods been in the same position at the same time, it's doubtful that they would have had the same happy outcome. However, a large company like Whole Foods would have a chance to restore its reputation due to its resources. A small company could go out of business altogether. When you consider such an outcome, it's not an exaggeration to note that SMBs require data protection tools even more than larger companies, even if they don't hold as much customer data.
It should be noted that the above survey was conducted on very large companies:
Depending upon the type of information lost as a result of the breach, the average loss in the value of the brand ranged from $184 million to more than $330 million, with an average brand value prior to the breach of $1.5 billion. Hence, the minimum brand damage was a 12 percent loss, increasing to nearly a one-quarter loss of the brand value in some instances.[prnewswire.com]
What does this mean for SMBs? It could be that for such concerns, recovering from a data breach could be neigh impossible if it affects a large percentage of clients. Other dangers apply as well: for example, it's not uncommon knowledge that SMBs have a harder time defending themselves against lawsuits due to its disproportionate impact on, well, pretty much everything.
About four years ago, when TJX had its massive data breach, I had reported the fact that TJX's revenues actually had gone up since the breach. I had noted that perhaps this could be explained by the fact that the breach had coincided with the beginning of what is now called the "Great Recession." Had a concern like Whole Foods been in the same position at the same time, it's doubtful that they would have had the same happy outcome.
However, a large company like Whole Foods would have a chance to restore its reputation due to its resources. A small company could go out of business altogether.
When you consider such an outcome, it's not an exaggeration to note that SMBs require data protection tools even more than larger companies, even if they don't hold as much customer data.
Related Articles and Sites:http://www.prnewswire.com/news-releases/new-survey-by-the-ponemon-institute-finds-that-data-breaches-can-cause-lasting-and-costly-damage-to-the-reputation-of-affected-organizations-132682688.html