By Megan Williams, contributing writer
Sometimes looking at issues from outside a healthcare perspective can be illuminating. This is especially true as your healthcare clients interact and partner with an increasingly diverse group of vendors and organizations. An NTT Communications report brings new emphasis on how important it is for organizations of all types to understand the cost of security breaches.
The report —2016 Risk: Value Report — covers research conducted during October and November 2015 on 1,000 business decision-makers (non-IT) across the U.S., U.K., Germany, France, Sweden, Norway, and Switzerland. The report found:
- A quarter of companies are certain they’ll experience a breach.
- The vast majority (75 percent) don’t believe their business data is secure.
- An organization will face costs of about $1 million after a breach.
- Only half of the respondents surveyed have security policies in place.
Perhaps one of the most interesting questions included in the survey addresses the internal effects of a data breach. According to respondents surveyed those effects include:
- stricter security procedures (60 percent)
- employees being disciplined for their actions (50 percent)
- an increase in workloads to address issues and prevent a repeat incident (50 percent)
- a drop in employee motivation (37 percent)
- staff losses to other companies and competitors (34 percent)
- senior business decisions-makers potentially resigning (31 percent)
External impacts included loss of customer confidence (74 percent), damage to reputation (65 percent) and financial loss (55 percent). While 72 percent of respondents indicated it would take an organization longer than a week to recover from a breach, on average it would take 14 weeks to see full recovery.
The insurance coverage section of the survey might be of the most use to you and your healthcare clients in starting a conversation around insurance preparedness in case of a breach. The report found that even though financial loss was a significant risk, most organizations were not mitigating these losses through insurance policies. Respondents indicated that:
- Only 59 percent had some sort of insurance to cover for the financial impact of data loss from a security breach.
- But 51 percent had an insurance policy dedicated to cyber security, with 24 percent in the process of obtaining one.
According to Christopher Camejo, director of threat and vulnerability analysis, NTT Com Security, “This report makes it clearer than ever how critically important it is for organizations to implement a comprehensive solution to protect their data. Fortunately, business leaders are now recognizing the risk to their organizations’ revenues and reputations, and beginning to take action to protect critical and confidential data from attacks.”