According to the digital association Bitkom, German companies suffer losses of 223 billion euros 1 every year as a result of criminal attacks. Whether through industrial espionage, sabotage or data theft: It is not only economic losses that the affected companies suffer, the company image also suffers in the long term.
But how does this happen? And what exactly are the risks of insufficient data security? According to the digital association Bitkom, German companies suffer losses of 223 billion euros every year due to criminal attacks.
The IDC Study 2021 2proven: 95 percent of companies were victims of ransomware or malware attacks within a year – more than a third of them even more than 25 times. More than 80 percent of the companies surveyed suffered a loss of data, which in almost 43 percent of the companies could not be recovered. This shows that data security risks are pervasive and can affect an organization in ways they may not be aware of. The causes range from technical defects and inadequate protective measures to human error and criminal attacks from outside. The more sensitive the data, the harsher the consequences. It is therefore essential for company owners, IT managers and data protection officers to
Risk 1: data loss
Have you ever lost your cell phone? Then you know the feeling of powerlessness and fear of what will happen to your personal data if it falls into the wrong hands. The next mental escalation level: Imagine that you don’t lose your own data, but that of a third party, for example the data of your boss or your customer. This can sometimes be life-threatening for you and your company, because:
- Data loss can be expensive: in addition to the cost of wasted man hours and disrupted business processes, there is the additional expense of recovering the information – if at all possible.
- Customer processes and relationships suffer: Customers may complain or, in the worst case, move their business elsewhere because their provider can no longer act reliably or react quickly enough.
Permanent or temporary, data loss is always frustrating. But the effects are particularly serious when data stored on servers is lost. Since many IT systems require constant access to this information, such a loss can even have a significant impact on business processes. A well thought-out backup strategy can help to significantly reduce the risk of critical data loss.
Risk 2: data theft
Data theft is the unauthorized access, unlawful use or disclosure of confidential data. The consequences of data theft are sometimes enormous for the individuals and companies affected, as their personal and financial information in the hands of criminals can lead to significant economic losses and damage to their reputation:
- Competitive espionage: Hackers can sell stolen data to the competition. A market advantage that has been developed over many years is thus nullified.
- Loss of account and payment information: Attackers often target sensitive information such as bank details in their attacks in order to get money as quickly as possible.
- Customer churn: According to the Ponemon Institute, 20 percent of customers would stop doing business with a company if their data was stolen. Another 40 percent are at least considering such consequences.
GDPR sanctions: Fines are not uncommon and can amount to as much as €20 million or 4 percent of the company’s global annual turnover.
In most cases, it is difficult to repair the damage caused by data theft. Here it is therefore necessary to take appropriate precautions – for example in the form of training and technical measures – so that data theft does not occur in the first place.
Risk 3: Data Corruption
Data corruption can take many forms. For example, data and information can be deleted, changed, suppressed or rendered unusable. The latter means that the information has been changed in such a way that it can no longer be used completely and as intended. One speaks of suppressed data when the authorized person no longer has access to the information. Apart from the fact that damaging data is a criminal offense under Section 126a of the Criminal Code and is even punishable by imprisonment of up to five years, the consequences of data corruption are above all:
- Expensive: As with data loss, there is an additional cost to recover or complete the information, if at all possible.
- Time-consuming : System failures, stagnant routines, data repairs – all of this is very time-consuming, costs resources and impairs business processes.
Conclusion: Better to play it safe (data).
The consequences of a lack of data security – no matter what the cause – are usually serious, especially in the corporate environment: not only is there a risk of economic damage, but the company’s image also suffers in the long term if data falls into the wrong hands. Especially when it comes to sensitive (e.g. personal) data, companies have to reckon with penalties and fines of sometimes existence-threatening proportions. But even if “only” business operations are affected, this is associated with painful costs for the companies concerned. Whether it is due to human error, a technical defect or external attacks then hardly plays a role. It is all the more important not only to train your own employees, but also to take appropriate technical and organizational measures and to rely on suitable tools such as highly secure collaboration services or virtual data rooms to prevent risks and ensure data security. Then there are no unpleasant surprises.
Further information, including a practical checklist with the 15 most important data protection measures, is available in our white paper “Data security: How companies protect their sensitive and business-critical data” , which can be downloaded free of charge.
1 https://www.bitkom.org/Presse/Presseinformation/Angriffsziel-deutsche-Wirtschaft-mehr-als-220-Milliarden-Euro-Schaden-pro-Jahr
2 https://www.zerto.com/wp-content/uploads/2021/04/IDC-White-Paper-The-State-of-Data-Protection-and-Disaster-Recovery-Readiness-2021.pdf
