It seems like every time a person cuts the TV on today or opens a newspaper, they read about another major company suffering a data breach. Business owners understand the importance of data and protect this information from those who shouldn’t have access to it. They are very cautious when it comes to customer and payment information, but criminals continue to find ways to make it into systems and steal the data.
The criminals recognize that the data collected by companies has value to them as well. Any business that accepts debit and credit card payments could find they are a victim of this crime. No business is immune, and the cost of a data breach is enormous.
In 2018 Ponemon Institute conducted the Cost of a Data Breach Study. This project found that the average cost of each lost or stolen record was $148 in 2018. Imagine how much that has gone up in three years. At that time, the average cost for a business when its data was breached came in at $3.86 million globally. This represented a 6.4 percent increase over the prior year. Sadly, this figure has likely gone up in the past three years as well.
Companies often obtain insurance to protect them in the event of a data breach, and business owners need to ask about this type of policy when shopping for insurance. Many people fail to do so, which is a mistake. Every business owner, regardless of the company’s size, must understand the consequences they face if the wrong person gets their hands on customer data and payment information. With this information, the business owner can determine their level of risk.
A business owner should never assume criminals won’t target their enterprise because it is too small. Criminals count on them thinking this way, as they know it means the business owner hasn’t fortified their system. It remains vulnerable to attacks, and criminals like easy jobs. They take less time and still pay out big rewards in many cases.
Small business owners must know how to understand risk, anticipate potential actions, and take measures to protect against these actions. To do so, they must clearly understand the consequences they face if they fall victim to a data breach. What are these consequences?
Short-Term Consequences
Every business that accepts debit and credit cards is knowledgeable when it comes to chargebacks, as they have probably encountered one or more customers who have disputed a transaction. Some chargebacks are legitimate, but fraudulent claims remain commonplace. Sadly, business owners know how costly these claims are.
While the consequences of a data breach aren’t immediately known, they damage the company’s bottom line. The business will find it faces direct financial consequences as a result of the breach. This includes fines, investigations, and increased security costs.
When a company suffers a data breach, the Payment Card Industry Security Standards Council has the power to fine or penalize the business. In addition, other card network brands and regulatory agencies may impose fines on the business. These fees quickly add up.
The victim of the data breach is required to conduct a forensic investigation to learn how the breach occurred. While the investigation is of great help in identifying any problems within the company’s computer system, it eats up valuable time and money. This could be disastrous for some businesses.
Furthermore, the business might find it is required to provide credit monitoring for customers impacted by the breach. The business becomes responsible for the cost of this monitoring. It also becomes responsible for costs associated with any remediation efforts. These efforts could include identity theft repair, replacement of any cards impacted by the breach, and more. The Payment Card Industry retains the right to impose additional compliance requirements on a business that has suffered a data breach.
Long-Term Consequences
However, the short-term consequences of a data breach shouldn’t be the company’s biggest concern. It needs to focus on rebuilding the trust of its customers. Consumers share their sensitive information with those they trust. They do so with the belief the business has taken the necessary steps to safeguard this information from others.
In fact, a study conducted in 2017 by PwC found that 92 percent of consumers believe every company must remain proactive when it comes to protecting customer data. A failure to do so can have devastating effects. It may even lead to the loss of customers or the closing of the business permanently.
In order to be successful, a business must maintain a good reputation. It serves as the organization’s most valuable asset, and every company must protect the brand at all costs. The PwC study looked at consumer response to a data breach and found that even one breach can harm a beloved company. Eighty-five percent of consumers taking part in the study stated they would avoid a business if they didn’t trust the company’s security practices.
A business owner shouldn’t despair if their company falls victim to a data breach. With time and effort on their part, they will find they can recover from this breach. Sadly, their bottom line will suffer as they work to regain the trust of consumers and rebuild their reputation. Furthermore, some customers will never return. The loss of even one customer is damaging to a business, as it costs more to gain a new customer than it does to retain an existing one.
Verizon conducted a study in 2018 looking at consumer attitudes toward data security and privacy. This study found 69 percent of those taking part would not work with a company that had its data breached. Imagine losing 69 percent of your customers. Very few businesses could survive this.
Every business owner must recognize the consequences of a data breach and use this information to protect their organization. This involves creating an action plan that outlines specific steps for safeguarding customer data and payment information. If help is needed in this area, don’t hesitate to seek it out. It’s better to pay a third party to protect customer data than to lose the trust of the public. Make this a priority in your budget, as you can’t afford to do without the added level of protection.