Whether it be stolen private business data, a ransomware incident or a Payment Card Industry Data Security Standard (PCI DSS) data breach, if your business is unfortunate enough to have one of these happen, you can expect to incur significant expenses – $36,000 on average for small businesses and can far exceed $50,000.
Your exact costs can depend on the following factors:
• If you have had a PCI DSS related breach, a mandatory forensic examination by an outside examiner would be required. Estimated cost – $20,000 to $50,000
• If your breach was a PCI DSS breach, the payment card association and/or your bank may levy PCI compliance fines against your business. Estimated cost – $5,000 to $50,000
• According to the State of Maryland’s Personal Information Protection Act (PIPA), if a business experiences a security breach where personal information that, combined, may pose a threat to a consumer if misused, that business must notify any affected consumers residing in Maryland. Remediation steps could include mailings, credit card monitoring or even establishing a call center for your customers. Estimated cost – $20,000 to $50,000
• Of course, you will need to remedy the issues or shortcomings of your digital systems that were found to have allowed/caused the breach. Estimated costs – $5,000 to $50,000
• One of the most valuable things that you have as a business owner is the trust of your customers. Once you have lost this, word will spread quickly and you will have the difficult task of regaining their trust. Damage to your business reputation – Priceless!
You can easily see how being proactive about IT and data security is less costly than being reactive. I95