Alexandre Ouaknine, writes about why corporations may never fix their cybersecurity issues and why it’s up to us, the consumers, to pressure companies to protect our data
This article is taken from the 14th edition of SiGMA Magazine which is now available online here.
Cyber-attacks are occurring on a daily basis and hitting government bodies and corporations alike. We constantly hear about how important it is to have cybersecurity to protect user and corporate data.
Nonetheless, successful attacks are on the rise and one might ask how come no measures are being taken to prevent them, and why are these threats not being taken seriously? As I always say, when you want the explanation to anything in this world, just follow the money.
So, let's explore the financial reasons that push companies to ignore investing in their cybersecurity. When it comes to colossal data breaches, we think of Sony, Home Depot, Target, Bank of Valletta, the PN, the US government and many others.
The losses suffered by these entities are so small compared to their annual revenue, that they feel it's far better to write off the losses rather than invest in adequate cybersecurity. The high annual cost of having in-house cybersecurity experts or consultants, antivirus software, Firewalls and monitoring tools make worrying about data breaches not worth it to them.
Furthermore, even with all the best efforts in the world, you may still fall victim to an attack. Benjamin Dean, a fellow for Internet governance and cybersecurity at Columbia University's School of International and Public Affairs, compared the cost of some high profile data breaches to the revenue of the companies that were hit. Target lost $40 million worth of credit card information, and 70 million unique records of personal information which included full names, addresses and phone numbers. In other words, everything a hacker needed for identity theft. The company let it be known that the total expenses incurred following the attack was of $252 million.
Target received $90 million from their insurance coverage. That brought down the bill to $162 million. After the tax deductions, that total cost ended up being $105 million. The sum barely represented 0.1 percent of Target's annual revenue.
Same story for Home Depot. Their total cost was $28 million, or 0.1 percent of their annual income, even though a staggering 56 million credit card numbers and 53 million email addresses were hacked. They also benefited from a $15 million insurance payment. Sony's cost ended up being $35 million, or 2 percent of the annual revenue.
As you can see, the financial impact on big corporations is negligible. To put it into perspective, the $105 million lost by Target represents less than the cost of 1 cup of coffee per day, per employee. Get the picture?
On top of that, there is the chance factor. There is no guarantee that a company will fall victim to a data breach. In the end, there's obviously not much incentive to spend a fortune on cybersecurity. But there is one aspect that is intangible and hard to put a number on. It's the trust that companies might lose from their customers. After all is said and done, that's the only cost that really matters to them. Furthermore, when so many big names get hit by cyberattacks, it doesn't make one stand out when it happens.
Buy that's not all folks! Since the data lost to pirates is usually used by corporations for marketing and statistical purposes, their core business isn't even affected by it. Now you see why you can't expect big entities to clamp down on piracy any time soon. The effort is just complicated and expensive.
The only way your data will ever be properly protected is if governments hold companies accountable and not let them shift the blame to the hackers. If corporations that neglected to protect your privacy get slapped with a hefty fine, and face other legal repercussions, they might think twice before leaving their networks wide open to potential cyberattacks.
It's up to us, the consumers, to pressure companies to protect our data as well, and to limit the amount of information we volunteer.
About SiGMA Magazine:
The magazine is packed with quality content, interviews and features coming from four different continents around the world - including Europe, Asia, Africa and LatAm. The magazine will be distributed by post to leading gaming and business companies worldwide. Should you wish to be featured in the next issue please contact Katy Micallef.
SiGMA Roadshow: Next stop Germany
Join us virtually for two engaging hours bursting with insightful conference content and new business opportunities. These unique, interactive, virtual mini-conferences will take place in a different country every month. The stop of next month will be Germany, join the conversation. We'll be covering various topics from localisation of content to regulation trends. Register now!