Data Security

9. Effect of Security Breaches On Organisations

Breaches & Consequences

Nearly all organisations, large and small have experienced a security breach. These breaches may have been the result of a mistake (inadvertently exposing data), an inside job or as a result of some form of hacking attack.

The breaches vary in size: from a few personal records to current world's largest of 500 million account details stolen from Yahoo.

Whatever their size or however they are caused, these breaches can have serious consequences, event to the extent of causing organisations to collapse or go bankrupt.

Security Breach Statistics

1. Reputation & Customer Confidence

Customers trust organisations to look after their data (names, passwords, credit card data etc) so when security breaches occur, customer confidence falls and the reputation of the company and the brand is damaged. Ultimately, this affects the bottom line of the company.

Recent surveys consistently show that high profile security breaches have an adverse effect on consumer trust in brands. According to a FireEye report, 76% of customer respondents would take their business elsewhere, And 3/4 of consumers would stop buying from a company if they discovered that the breach was due to the company failing to prioritise security.

2. Financial Loss

Organisations can suffer severe financial losses following significant security breaches. The losses are the result of:

  • Consumers buying less of their products and switching to competitors.
  • Legal costs and fines resulting from legal actions undertaken by regulating authorities & consumers.
  • Difficulty in acquiring data as customers shift to competitors and become less willing to share data.
Financial Costs
Talk Talk fines

3. Legal Impact

Increasingly, the minimum standards of care that data users have to take in securing personal data are laid down in law. Where a data breach occurs, they can be taken to court or in the UK reported to the Information Commission for failing to follow the standards under the Data Protection Act 1988.

Almost 60% of consumers report report that they would take legal action against organisations, if a breach resulted in their personal details be used for criminal purposes. Where class actions (people pursue legal action as a group) can occur, fines can reach millions of pounds.

4. Increased cost of gathering data

Collecting data to store, analyse and put to use, costs money and it relies upon the willingness of customers to share data. But following recent high profile security breaches, over 70% consumers now share fewer details with companies.

For search engines to social media platforms, this matters, because they rely on collecting detailed consumer data which they can share with advertisers so that they can target customers who might have an interest in their products.

Rising Costs

Create a new page. Call it Effect of Security Breaches on Organisations and complete the following tasks.

  1. Create a list of what could happen to data owners who experience a data breach.
  2. Talk Talk is an example of a company that lost the confidence of its customers. Find another two examples.
  3. Boomerang Video Ltd is one company fined for failing to take appropriate measures to protect data. Find at least two others.
Security Breaches
Information Commissioners Office

Increasingly, responsibility for safe guarding data is seen as the duty of the data owner. Whereas in the past, especially in small and medium sized enterprises (SME) it was enough to argue they didn't know or have the skills, cybercrime has become so widely known that that excuse is no long sufficient. .

Add a new part to your page titled The Unwritten Law. Visit Information Commissioner’s Office (ICO) page

  1. Which company was fined by the ICO and by how much?
  2. What does Sally Ann Poole say about the size of companies?
  3. What did the company fail to do?
  4. With the forthcoming GDPR, what is likely to happen to the level of fines?

Can you now do?

  • Explain how security breaches can effect organisations
  • Provide examples of how breaches in security have affected organisations.

If you don't feel confident in meeting any of these performance criteria, ask your teacher or re-read the information again.

Cyber Security

  • Security Fundamentals
  • Data Security
  • Digital Forensics
  • Ethical Hacking
Supporting courses by the SQA Logo
css badge
html badgee