New research from the Kaspersky Lab 2018 B2B Survey shows that North America is the top region where a data breach is most likely to be blamed on the C-suite, compared to results from eight other global regions. The research found that, in North America, 32 percent of breaches resulted in a C-level manager/president/CEO losing their job.
The report, “From data boom to data doom: the risks and rewards of protecting personal data,” is a study, based on responses from 5,878 interviews with businesses of all sizes from 29 countries, that provides insight on the state of data protection globally.
The study shows that 42 percent of businesses worldwide experienced at least one data breach in the last year. When a data breach occurs it not only results in a costly recovery burden, now at $1.23M on average, but it can also impact the company’s reputation, customer privacy, and even severely impact employees’ careers. Of businesses globally that experienced a data breach in the past year, nearly one-in-three (31%) have led to employees being laid off from their jobs.
The research highlights how responsibility for a breach often extends beyond that of the technical IT employees. Among employees let go, senior non-IT employees were laid off in 29 percent of small and medium-sized businesses (SMBs –50 to 999 employees) and 27 percent of enterprises (over 1,000 employees).
These employees can also be in a range of positions within a company. In 2017, a wide variety of people were let go as a result of data breaches: from CEOs to everyday employees who exposed the company customer data. For businesses this means more than just lost talent – other factors include:
- 45 percent of SMBs and 47 percent of enterprises have had to pay compensation to the customers affected
- 35 percent of SMBs and 38 percent of enterprises have reported problems attracting new customers
- 27 percent of SMBs and of 31 percent of enterprises have had to pay penalties and fines
- 41 percent of SMBs and 40 percent of enterprises had customer personally identifiable information (PII) affected
“While a data breach is devastating to a business as a whole, it can also have a very personal impact on people’s lives — whether they are customers or failed employees – so this is a reminder that cybersecurity has real-life implications and is in fact everyone’s concern,” said Dmitry Aleshin, vice president of product marketing, Kaspersky Lab. “With data now traveling on devices and via the cloud, and with regulations like GDPR becoming enforceable, it’s vital that businesses pay even closer attention to their data protection strategies.”