You might not know it, but data breach is very costly not just in terms of money but also the safety of the people whose information have been compromised.
During the occurrence of a data breach, the one responsible for the said incident – either a phony, hacker or felonious syndicate – is most of the times went missing. The big question is, who carries the toll? Is it the innocent consumer with compromised personal data, the market society where the information has been utilized, or the company that neglect to safeguard it? Oftentimes the loss goes to the market society by way of account or card agreement requirements or deadlines enforced by laws or measures.
A data breach is a firmly established event where delicate, classified or diversely secured information has been tapped into disclosed in a wrongful way. It could involve trade puzzles, intellectual property, personal health information (PHI), or personally identifiable information (PII).
The most usual data breach exposures involve personal data such as credit card details, Social Security numbers as well as healthcare records. In the event that the data breach resulted in identity theft, the provoking organization could deal with penalties or other civil legal action.
The market society can get back these costs from a business it has contact with depending on the law that administers. The laws mandate both banks and their vendors to safeguard customers’ Personally Identifiable Information or PII. However, it is not well-specified what are the responsibilities of other companies. The governing commitments to secure data depend according to industry and geography.
The Graham Leach Bliley Act (GLBA) in the US demands market society or financial institutions such as credit card reporting agencies, payday lenders, and professional tax preparers to protect PII. The EU’s General Data Protection Regulation (GDPR) executes liabilities on firms that gather and store information that belongs to consumers in the EU. The New York Cybersecurity Regulation administers to monetary service industries obliged to operate with a license, registration, permit, charter, or authorization by the New York regulation.
A data breach may affect banks as well as consumers all over the US, and the report provisions are based on the law where the affected person is situated. There is no federal rule concluding a national guideline for notification obligations. All 50 US states have now rules needing private or governmental bodies to inform consumers about security breaches but differ from state to state.
Meanwhile, in Saudi Arabia and the United Arab Emirates, the combined cost of a data breach is worth $5.31 million. According to IBM Security, it would be a 7.1% rise since last year.
“The 2018 report reveals that the major cause of a data breach is malicious or criminal attacks for organizations in Saudi Arabia and the UAE. The potential damage from cyber attacks extends beyond the obvious issue of businesses and consumers losing money. It can dramatically impact a company’s reputation, damaging the trust and loyalty of its customers, business partners, investors, and others,” said Dr. Tamer Aboualy, CTO of Security Services, IBM Middle East & Africa.
The study reveals that a major element that greatly affects the cost of a data breach in Saudi Arabia and UAE was the disclosed cost of wayward business that was $2.2 million.