News

Tech companies at risk of data breach fines

Tech companies could lose an average of $174 (£141) million per day - or $37.3 (£29.9) billion per month - as a result of compromised records per data breach, according to research published by cloud solutions company iomart.

The research analyses the financial impact of typical, severe and catastrophic data breaches to reveal what each could cost top companies and social media platforms.

The typical loss for a large company is between 10 and 99 million records per incident, resulting in an average company value drop of 7.27%.

How much a business stands to lose depends on how long it takes them to identify and then contain a breach, which correlates to the number of records stolen - as outlined by IBM’s study on the cost of a data breach.

For companies in the tech sector it took an average of 187 days to identify and a further 59 days to contain a breach. This equates to an average potential loss of $42.9 (£34.4) billion for the highest-earning tech companies per incident.

When looking at how data breaches could impact major tech companies, Apple has the most to lose with an estimated company value drop of $95.7 (£80.9) billion following a typical breach, while Microsoft could lose $81.6 (£68.9) billion, and Amazon could lose $68.7 (£55) billion.

If these tech companies infringed GDPR guidelines and incurred the maximum fine of 4% of a company’s annual global turnover, Apple would lose a further $2.56 (£2.05) billion and Microsoft an additional $1.34 (£1.07) billion, resulting in a total breach cost of $98.3 (£78.8) billion and $82.9 (£66.5) billion respectively.

The costly fines imposed by GDPR and the projected rise of data breaches make it more important than ever to invest in data protection, particularly for smaller tech companies and startups which cannot stand to lose up to 10% of their market value.

Bill Strain, Product Development Director at iomart, comments on the findings: “These figures are a stark warning about the importance of investing in data protection. Many smaller businesses wouldn’t survive the operational impact of a successful cyber-attack, let alone the financial one of a punishing fine on top.

“Looking at your potential risk and knowing where your data is, controlling who has access to it, and making sure it’s secure should be an absolute priority.

“It’s still the case that most cyber-attacks start by exploiting our human vulnerability. By training staff to spot suspicious emails or links you can lock the front door and then use technological solutions to ensure the hackers can’t get in around the back.”

iomart also offers some top tips on how businesses can create an effective defence against such an attack:

•Keep IT systems and software up-to-date

•Store sensitive data separately

•Control users’ access and privileges

•Secure the email gateway

•Do regular off-site backups of your data

•Provide regular security training for all staff