Senior executives worldwide estimate that their revenue would drop, on average, by 8% as a result of a security breach.
However, 17% expect it to have no impact at all on revenue, while a quarter (25%) admit they do not know what the financial implications would be.
These are the findings of a new report from global information security and risk management company, NTT Com Security.
The report highlights that senior executives worldwide fail to recognize the long-term damage – both in terms of time and money – that a security breach might have on their business.
“The report suggests that there is still a disconnect between the cost of data breaches and the importance organizations place on IT security to drive these costs down," says Catherine Kung, Regional Director at NTT Com Security.
On average 10% of an organization’s IT budget is spent on data/information security, although 16% of respondents do not know the amount spent.
Around half (49%) regard data security as ‘expensive’ and 18% see it as ‘disruptive’. Over half (57%) have a formal data security policy in place, but less than half (47%) have a business or disaster recovery plan in place in the event of a breach.
Around three-quarters (72%) say it is vital their organization is insured for security breaches. Less than half (48%) say their company insurance covers for both data loss and a security breach. A quarter of those with any insurance do not know exactly what they are insured for in the event of data security breach.
Over half (59%) agree there would be minimal long-term damage, although a significant number report that their organization would suffer reputational damage (60%) and loss of customer confidence (56%) if data was stolen.
"With security incidents making headlines daily, and costs soaring for a major breach – up to HK$13.4m on average for a large organization – a security incident can have far-reaching implications, from damaging a company’s reputation and share price to its ability to attract the very best talent.”