Costs of Security Breaches

Written by: Francesco Trama | Published on: September 30th, 2013

About The Author

Francesco Trama
Francesco Trama As Chief Executive Officer and Founder, Frank is responsible for the overall operating performance, leading the strategic direction of the company’s products and solutions internally while building technical and business credibility externally as a market-facing thought leader.

The cost of a breach in security to a company can be catastrophic.  According to Ponemon, a single security breach often costs a company more than $500,000, and recent studies have reported that cyber-crime costs the U.S. economy a staggering $100 to $140 billion dollars and half a million jobs. Furthermore, these costs are certainly not isolated to America.  In Great Britain, it is estimated that cyber-crime costs companies 27 billion pounds, and it is probable that the financial damage to other nations occurs at a similar rate. These numbers should cause any business owner or security specialist to recognize two crucial facts.  First, the costs of security breaches are huge and increasing.  Secondly, damages of this size provide great attraction and motivation for hackers; therefore, we can expect that the numbers and severity of cyber-attacks will get much worse before they get better, and intelligent leaders should take prompt and decisive action to protect their company.

McAfee Study: $140 Billion and half a million jobs from the U.S. Economy
UK Cabinet Office: £27bn annually in the UK
Ponemon – $10 million is the average amount spent in the past 12 months to resolve the impact of exploits.


While lost or compromised data from a company’s network is certainly damaging, the greatest cost might actually come from lawsuits from clients or vendors whose networks were compromised by a flaw in your company’s security. The Consumer Insurance Guide states that risk exposure from cyber threats “could be greater than that posed by the more physical threats of fire or other disasters.” Furthermore, the report notes that while many companies are not as secure as they ought to be, “the real shock will come when they find out their commercial business liability insurance doesn’t cover them in cyberspace.” In 2011, someone hacked into Playstation accounts and stole customer information, and Sony is now responsible for up to $2 BILLION in lawsuits – all of which will NOT be covered by their liability insurance. According to the report, other companies in similar situations lost “$5.5 MILLION PER ORGANIZATION”.