Faced by threats of massive fines for breaching PCI DSS and GDPR, it makes good business sense to maintain compliance at all times. Financial penalties levied by the Irish Data Protection Commissioner or card issuer tell only part of the story.

The cost of falling victim to information security threats is actually much larger.

Quantifying the cost of a cyber security breach

Becoming a victim of cybercrime or other data loss event can have a catastrophic effect on your bottom line. When Ponemon Research attempted to quantify losses, they arrived at a figure of between 10% and 500% of annual revenue.

This shouldn’t come as a surprise; “81% of respondents believe that the loss of customers’ personal data would affect the economic value of the organisation’s reputation and brand image. They then estimated that the brand would lose 21% of its value as a direct result.”

Going beyond fines

Recovering from breaches will be costly and time-consuming. It may be possible to recoup the financial losses of a fine relatively quickly, but there are longer term consequences.

Customer trust is much harder to restore. The same Ponemon Research report found that recovering reputations following a breach takes an average of 11.8 months.

Unfortunately, even this figure is disputed. A second report cited by IT Pro Portal found that 58% of consumers would avoid a provider that has recently experienced a data or security breach.

Protecting against information security threats is good business practice

Slowly but surely, information security is becoming a mainstream concern, for consumers too. 65% of consumers worry about security practices of their service providers for instance.

These concerns quickly develop into real world action too. Of the 11,000 consumers questioned, 59% admit they would “choose a service provider solely on the basis of the additional security measures offered.”

More than half of consumers choose a merchant because they believe the transaction and their data will be more secure. Which means that those businesses who do focus on security have an immediate advantage over their less-secure competitors. As an added incentive, 47% of consumers would complete more online payments if they had “reliable protection for financial transactions”.

Time to take action

While enormous fines for data breaches claim all the headlines, the long terms effects on corporate reputation could be equally devastating. The combination of large fines and a potentially significant drop in income could conceivably place the future of the merchant in jeopardy.

With that in mind, the decision to ignore, minimise or overlook information security threats seems even more misguided. In fact, data security needs to become a strategic cornerstone of operations if your business intends to meet the expectations of half of its customers.

To learn more about protecting against information security threats and how Advantio can help you better serve your customers, please get in touch.

Marco Borza

Written by Marco Borza

I am the Founder of Advantio.
Technology has been my passion since I was a kid; when I first heard the handshake of an old 300bps modem I realised security would be key in an interconnected world. Since then it has become my passion and primary focus.
The reason why I've started my own business is to make IT Security simple.

Certifications: CISSP / CCSA (Checkpoint) / ITIL Foundations / ACSA (ArcSight)/ Linux+/ PCI-QSA / PA-QSA