David Lacey has spelt out some of the real financial impact that business face when they suffer ‘data leakage’. In the case of TK Maxx he speculates that the cost could actually run into billions, rather than the mere $5m they have provided for to date. He breaks out a sobering list of costs that businesses face for being slack on data security:
“…for example the costs of investigations, remedial work, lost customers, loss of brand value, additional regulatory demands, fines, lawsuits, PR costs, and the costs of re-issuing credit cards. Not to mention the overall impact on e-Business from customers switching to cash payments.”
He then rounds off his post as follows:
“The risks and impact will continue to rise until organisations achieve much higher levels of security, including tighter platform and network security, better staff awareness and more aggressive auditing and monitoring of operational processes.”
Until more business are certificated to ISO 27001, in other words.