Data breaches are damaging enough to impact core business outcomes. One would expect incidents to be taken seriously at all times. And yet, businesses tend to ignore them, especially when experiencing data breach fatigue.
Gaming giant, Electronic Arts (EA), ignored multiple warnings from cybersecurity researchers on critical vulnerabilities. Hackers gained their way in not long after. Target, a global retailer, ignored alerts, that it could have potentially stopped. Nortel Networks was hacked for years, while management failed to respond appropriately. Panera Bread ended up leaking 37 million customer records after ignoring a known security vulnerability for eight months.
Not all companies would ignore an active hack. However, data breach fatigue commonly leads to ignoring ongoing cybersecurity threats, alerts, and alarms. That’s dangerous.
An ignored threat can escalate or re-emerge later on. Insufficient threat response always increases the chances of a successful breach and the potential for criminals to do damage. Organizations that fail to respond appropriately pay heavy costs.
IBM puts the average cost of a data breach at $4.35 million worldwide and $9.44 million in the United States. Those costs include productivity losses, cost of response and recovery, reputational damage, and fines and judgments.
Consumers are aware of their legal privacy rights and beginning to go after businesses that have leaked records or compromised their privacy. Data breach litigation is one of the hottest legal trends. Healthcare provider Banner Health was recently ordered to pay $6,000,000 to victims of a 2016 breach.
Financial and reputational damages can make or break a business. Don’t be negligent with internal, customer, or public data.