ignore a threat that might be even more destructive: Email. Theft of .... Ponemon Institute's Benchmark Study on Privacy
HOW MUCH DO YOU TRUST EMAIL? The most significant risks and 3 sure ways to mitigate them
Many organizations focus on protecting against external attacks but ignore a threat that might be even more destructive: Email. Theft of confidential data for corporate espionage, the disclosure of trade secrets to a competitor or the release of private health information to the public could all be gained from email.
BY 2019, CORPORATE EMAIL ACCOUNTS WORLDWIDE WILL EXCEED 1.3 BILLION!
• The typical employee sends 30 EMAILS A DAY • One out of every four corporate emails CONTAIN ATTACHMENTS • The majority of emails, are openly sent and EASILY INTERCEPTED. 61% of employees admit sending confidential information through open email channels. Email was the dominant communication mechanism in 2015 with over 116 billion business messages sent a day. That’s 116 billion chances for sensitive information to be intercepted – either with malicious intent or accidentally.
HIGHLY REGULATED INDUSTRIES ARE PRIME TARGETS FOR EMAIL SECURITY THREATS.
FINANCIAL SERVICES
HEALTHCARE INDUSTRY
OIL & GAS INDUSTRY
Over 59% of financial services companies hold significant amounts of financial, health and personal information.
91% had at least one data breach involving the loss or theft of patient data, while 87% of their business associates experienced electronic loss of private information.
Given the industry’s competitive nature, highly-valued intellectual property, and broker transactions ranging in the millions – the threat to email is significant and very real.
91%
43% ranked employee negligence as the top-ranked security threat.
59%
76.7%
76.7% share the sensitive data they hold electronically with business associates.
87%
70% of healthcare organizations worry most about employee negligence.
43%
THE CONSEQUENCES OF FAILING TO ENCRYPT CAN BE SEVERE 857.7 MILLION records have been breached since 2005. This is the equivalent to roughly 86 million records breached per year, that’s more than 230,000 records breached on a typical day, and about 187,000 records lost per breach incident. That’s alarming given the average cost of addressing a data breach tops $3.8 million US. The cost of a data breach varies by industry. The average global cost of a data breach per lost or stolen record is $154 US. However, if a healthcare organization has a breach, the average cost could be as high as $363 US. As a final comparison, a data breach due to human error or negligence costs $137 US per record.
• Notification costs: All necessary activities required to report the breach to appropriate personnel within a specified time period.
• The cost of providing credit-monitoring services for at least a year.
• Breach response costs: All activities required to notify data subjects with a letter, telephone call, e-mail or general notice that personal information was lost or stolen.
• Loss of business.
• Reputational damage.
• Negative publicity: Extensive media coverage, further damaging the organization’s reputation.
QUANTIFYING THE
CONSEQUENCES
HARDSHIPS ON CUSTOMERS • A full 71% of fraud incidents begin less than one week after a data breach • $16 billion US stolen from 12.7 million identity fraud victims last year
HARDSHIPS ON BUSINESS In addition to the costs for addressing data breaches: • Class actions, regulatory and criminal investigations are here to stay, as well as individual actions resulting in damage awards. • Cyber Risk, Liability and Insurance — one which companies are paying top dollar for with the expectation they will inevitably take a hit. • Cyber Risk, Liability and Insurance market to hit $10 billion US by 2020.
