In the early years most breaches were ego-driven with hackers motivated by the classic “I’m smarter than you and to prove it I can hack your system”. Due to stepped up law enforcement and more serious punishment, these types of attacks have now decreased to an almost imperceptible level. The ranks of the early hackers consisted of disgruntled former employees, political activists and thrill-seekers.
Ever the opportunists, criminals quickly realized the potential windfall before them and breaches became theft-driven. This is still the number one driver of breaches (Verizon’s Annual Data Breach Investigation reports nearly 2/3 of 2013 breaches were theft related) and likely will be for years to come. Those responsible from this perspective range wildly, from bored teens to well-financed criminal enterprises, including organized crime, as the risk-reward model is just too tempting to those seeking “money-for-nothing”.
The final motivator is greed-driven, for both money and power. These highly skilled groups conduct clandestine breaches for both industrial and international espionage. Competitors and foreign governments who are looking to steal intellectual property are increasingly turning to cyber-snooping as their preferred method of discovery. The cost of cyber-theft pales in comparison to research and development costs associated with emerging technologies and the gleaned intel can significantly shorten the time it takes up and coming Countries to close the gap with global super powers.
What do breaches cost?
According to the ID Theft Resource Center the number of records exposed thus far in 2014 is approaching 20,000,000. Ponemon studies conclude that the average cost per record exposed costs $201, so the 20M records exposed equal a cost of just over $4,000,000,000! The average cost to an individual company experiencing a breach is $5.9M.
This cost is comprised of charges for Public Relations campaigns, fines and penalties, legal fees, credit monitoring, breach notification mailings, forensics investigations, regulatory defense, restitution to customers, security audits/fixes and much more. The erosion of customer loyalty is the bigger concern. Sadly, most breaches do not make the headlines, as the impacted company is a “Mom and Pop” shop and many estimate that nearly 80% of small businesses experiencing a breach end up going out of business.
As previously noted, healthcare organizations experience more breaches than any other industry sector; adding insult to injury is the fact that the cost per exposed record for healthcare is also the most expensive at $316 each.
[author_bio username=”Barry” name=”yes”]