Hacked! The cost of a cyber breach (Part 4) – Technology Industry

Company Profile: Software as a Service (SaaS) provider of human resources and membership management software for gymnasiums countrywide

An employee opened a phishing e-mail that infiltrated the company’s centralized network. Anti-virus software failed to keep out the malicious code, exposing names, addresses, dates of birth, Social Security numbers and financial information, such as credit card and bank account numbers. A computer forensics investigator was hired and determined that personally identifiable information had been compromised, including information related to the customers’ employees as well as the company’s own employees.

According to the NetDiligence® Data Breach Cost Calculator*, the estimated costs of this event for the software service provider could be:

Incident Investigation Costs: $291,000
Customer Notification and Crisis Management Costs: $504,000
Fines & Penalties: $550,000
Total Costs: $1,345,000

According to the Ponemon 2015 Cost of Data Breach Study, an average event of this type could drive costs up to $2,810,000 for a business:

Detection Costs: $610,000
Notification Costs: $560,000
Post Breach Costs: $1,640,000

Risk Management Tips:

  • Incorporate vendor security into your Information Security policies and procedures.
  • Add provisions that address cybersecurity into your vendor contracts.
  • Practice cyber-attack response drills with your vendors.

Read part 1 of Hacked! The cost of a cyber breach – Retail Industry
Read part 2 of Hacked! The cost of a cyber breach – Healthcare Industry
Read part 3 of Hacked! The cost of a cyber breach – Financial Industry

by Rosalie L. Donlon, Property Casualty 360
