TECHNOLOGY

‘Mega breaches’ take a big toll on the bottom line

BY Deena M. Amato-McCoy

Hidden costs associated with larger data breaches are putting targeted companies at an even bigger financial risk.

The average cost of a data breach globally is $3.86 million, a 6.4% increase from 2017. However, hidden costs associated with mega breaches are causing additional financial damage, according to “The 2018 Cost of a Data Breach Study,” from IBM Security.

According to data, mega breaches – which range from 1 million to 50 million lost records – cost companies between $40 million and $350 million, respectively. One-third of the cost of mega breaches were derived from lost business. This equates to nearly $118 million for breaches of companies with 50 million lost records.

In the past five years, the amount of mega breaches has nearly doubled from just nine in 2013, to 16 in 2017. Due to the small amount of mega breaches in the past, the study historically analyzed these data attacks at around 2,500 to 100,000 lost records.

The vast majority of these breaches (10 out of 11) stemmed from malicious and criminal attacks, as opposed to system glitches or human error. The average time to detect and contain a mega breach was 365 days – almost 100 days longer than a smaller scale breach (266 days).

Costs continue to rise among data breaches of less than 100,000 records, as well. The average cost of a data breach was $3.86 million, compared to $3.50 million in 2014 – nearly a 10% net increase over the past five years of the study.

Costs are also heavily impacted by the amount of time spent containing a data breach, as well as investments in technologies that speed response time. The average time to identify a data breach was 197 days, and the average time to contain a data breach once identified was 69 days. Companies who contained a breach in less than 30 days saved over $1 million, compared to those that took more than 30 days ($3.09 million vs. $4.25 million average total).

The amount of lost or stolen records also impacts the cost of a breach, costing $148 per lost or stolen record on average. The factors which increase or decrease this cost:

• Having an incident response team was the top cost saving factor, reducing the cost by $14 per compromised record.

• The use of an artificial intelligence (AI) platform for cybersecurity reduced the cost by $8 per lost or stolen record.

• Companies that indicated a “rush to notify” had a higher cost by $5 per lost or stolen record.

Organizations that had extensively deployed automated security technologies, such as AI, machine learning, and analytics to augment or replace human intervention in the identification and containment of a breach, saved over $1.5 million on the total cost of a breach, which is $2.88 million. This is compared to $4.43 million for those who had not deployed security automation, the study revealed.

“While highly publicized data breaches often report losses in the millions, these numbers are highly variable and often focused on a few specific costs which are easily quantified,” said Wendi Whitmore, global lead for IBM X-Force Incident Response and Intelligence Services (IRIS).

“The truth is there are many hidden expenses which must be taken into account, such as reputational damage, customer turnover, and operational costs,” she added. “Knowing where the costs lie, and how to reduce them, can help companies invest their resources more strategically and lower the huge financial risks at stake.”

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

TRENDING STORIES

Polls

Do you think retail brands should steer clear of taking a stance on social and political issues?
TECHNOLOGY

Snapchat update reportedly hints at Amazon partnership

BY CSA Staff

Snapchat could potentially make it easier for users to make a purchase from Amazon.

Code buried within the social media channel’s Android app update includes an unreleased “visual search” feature that connects users to Amazon’s product listings, according to TechCrunch.

Codenamed “Eagle,” the service encourages users to “press and hold” the camera feature to identify an object, song, or barcode. The data is then sent to Amazon, Shazam or other partners. Once an object’s data or barcode has been scanned, it is sent to Amazon. Users are then linked to the product on Amazon’s website, according to the report.

The code also prompts users to “share product,” “send product,” or “see all results at Amazon.”

To read more, click here.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

TRENDING STORIES

Polls

Do you think retail brands should steer clear of taking a stance on social and political issues?
TECHNOLOGY

Weis Markets steps up mobility

BY Deena M. Amato-McCoy

Weis Markets is getting connected—through WiFi, that is.

Through a partnership with Aruba, a Hewlett-Packard Enterprise company, the grocery store operator is standardizing its Wi-Fi company-wide. The new network will be used by 23,000 store employees, 1,000 associates in distribution centers and headquarters, as well as approximately 6,000 who connect to the in-store guest Wi-Fi daily.

Rather than placing a controller in every location, the company has installed approximately 5,000 access points (APs) in approximately 205 stores, distribution and warehouse centers, and store support center in Sunbury, Pennsylvania. In addition to simplifying its wireless infrastructure, management and functionality, the upgrade will provide more robust connectivity, and reduce operating costs.

Within its distribution centers for example, the network supports a voice-controlled product pick system that helps associates select products quickly and easily. The increased picking accuracy results in a higher percentage of correct product on store shelves, improving the overall efficiency of Weis Markets’ inventory processes and ultimately, impacting the retailer’s sales positively.

Meanwhile, more granular policy and management capabilities enables the grocer to differentiate between corporate, personal, customer and eventually, IoT devices on the network. The network administration team can make configuration changes and update software across all store APs quickly and easily. Reporting functions will enable fast identification of excessive resource usage, verification of PCI compliance, and discovery of hardware inventory information. Robust alerting allows the team to identify any AP issues, rogue devices or network problems so they can be quickly resolved, according to the company.

“From an operational perspective, secure, high-performance Wi-Fi allows our associates in-store, and across distribution centers and headquarters to ensure that correct products are purchased, inventoried, selected and placed on retail shelves,” said Jacob Koch, manager of systems administration for Weis Markets. “From a sales and service perspective, that same foundation will allow us to offer better in-store mobile experiences for our customers, adopt more sophisticated app services so we can push out offers via our mobile app, and gain insights into our customers’ behaviors and needs.”

Once all AP upgrades are complete, the retailer plans to adopt analytics software that will help uncover customer habits enabling Weis to better respond to customer needs and, ultimately, drive increased sales. In addition, Weis will evaluate the use of push notifications to send relevant coupons and offers to customers who authenticate to the network. Other future initiatives might include digital product pricing on shelves, asset tracking for grocery carts, and even robots for in-store clean-ups.

“With our Aruba infrastructure we can examine all of these initiatives, as we’re confident the network will enable us to continue innovating and improving,” Koch added.

keyboard_arrow_downCOMMENTS

Leave a Reply

No comments found

TRENDING STORIES

Polls

Do you think retail brands should steer clear of taking a stance on social and political issues?