The Economics of Data Loss Prevention
In 2017, The Economist announced that the world’s most valuable resource is no longer oil – it’s data. Since the phrase “big data” was coined in the 1990s, data has become increasingly important to virtually every aspect of running a business – not to mention how we conduct our daily lives.
It’s no surprise that some of the most valuable companies are also those that capture the most user data. Take Facebook, for instance. By some estimates, Facebook users upload 243,000 photos every minute. Facebook’s net worth as of January 15, 2021 is $715.95B –– and Forbes ranked Facebook as the fifth most valuable brand in the world in 2020.
Unfortunately, many business owners aren’t confident that they have the right precautions in place to protect their most valuable resource: data. One survey found that 47% of small business owners found data security to be their biggest challenge; a further 42% said preventing data loss was also keeping them up at night. In a time when budgets are stretched thin and IT teams are working overtime, it can be difficult to justify investing more time and energy in data security.
Every business needs to enforce strong data policies — backed by data loss prevention tools –– and dedicate an investment in time, money, and effort.
Why is data so valuable?
Data plays a role in everything from product development to machine learning to anti-fraud and consumer security. Even small businesses can use customer data to build loyalty programs, run targeted marketing campaigns, and improve customer service.
“Data are now part of every sector and function of the global economy and, like other essential factors of production such as hard assets and human capital, much of modern economic activity simply could not take place without them,” said consulting firm McKinsey. “The use of big data — large pools of data that can be brought together — will become the key basis of competition and growth for individual firms, enhancing productivity and creating significant value for the world economy.”
Data provides a competitive advantage, allows you to serve customers more thoughtfully, and helps you make better business decisions. And, data also has what’s called a “network effect” – meaning the more data you have, the more benefits you reap. The more information you can collect about a customer’s preferences, the more you can improve your products, attract more customers, and generate even more data. Data is, essentially, the fuel for higher profits and sustainable long-term growth.
Just how valuable is data? Research by MIT Sloan School of Business sought to quantify, in dollars, how much certain information was worth to consumers. The researchers asked social media users to estimate how much money they would need to compensate for losing access to certain goods or services. The 2017 study found the median yearly compensation for giving up all social media was $322; respondents would accept $17,530 to give up search engines.
The cost of data breaches
It’s no wonder why hackers are constantly trying to access your data. Data breaches are the equivalent of a modern-day bank robbery – except the cost of a data breach to a business is more than just a one-time loss.
There are both direct and indirect costs associated with a data leak. Research from IBM shows that for small businesses with fewer than 500 employees, a data leak costs an average of $7.68 million per incident, including expenses such as:
- The median cost per record associated with compensating impacted customers
- Legal fees
- Fees for a PR firm to engage in reputation management and damage control
- Consumer credit monitoring for all customers (not just those impacted by the leak)
- The cost of engaging an independent auditor to look into up to five years of system records.
- Cost of recuperation if intellectual property was stolen
- The cost of conducting system and process audits to identify and correct the source of the leak
There are also some financial implications impacting long-term profitability/revenue projections. The direct costs of a data leak don’t factor in hidden costs – things like loss of market share, the inability to retain valuable existing customers, and also the loss of trust that would prevent you from acquiring new customers. “Forrester estimates that a company can expect to lose up to 20% of their customer base because of a data leak,” said one report. “For a business with net annual sales of $1 billion, with 80% of business coming from repeat customers, it can be devastating.”
The costs of not protecting your most valuable resource are clear: yet, many companies still struggle to get data loss protection right.
The economics of DLP
The question remains: what are the most economically-efficient ways to protect your valuable data and prevent a costly data breach?
Ideally, DLP is both a set of tools as well as policies and processes. Your DLP security policy will identify what sensitive data needs protection, where it is located, and the method for protecting that information.
Then, the DLP software can scan for threats, prevent unwarranted access, and identify nefarious attacks. DLP covers a range of different tools and software solutions to protect your data via your network, devices, and storage. Traditional DLP tools secure data on laptops, phones, servers and networks. In addition, the rise of remote work requires companies to include a cloud DLP security solution to provide visibility into cloud applications – platforms like Slack, Jira, and Google Drive.
Some DLP tools can be time-intensive to configure. Traditional endpoint or network-based tools could take weeks to install. However, Nightfall is the industry’s first cloud-native DLP platform that integrates directly via API – meaning that customers are typically up and running within a few minutes. For SaaS apps like Slack, Confluence, and GitHub, there’s no additional configuration or setup required beyond installation.
Plus, once Nightfall is installed, it leverages machine learning to scan both structured and unstructured data and its surrounding context with high levels of accuracy. This takes the burden off IT and security teams to constantly monitor and manually look for policy violations. Nightfall’s classification is automatic and highly accurate, eliminating the time spent tagging data manually, and reducing time spent reviewing false positives and grappling with alert fatigue. And, IT teams can use Nightfall to create automatic workflows that take action on sensitive data proactively, reducing the time spent manually responding to alerts and reducing mean time to resolution. Overall, Nightfall is one DLP solution that requires little investment in time and energy to improve an organization’s data security virtually instantly.
Organizations need comprehensive, holistic approaches to data loss prevention – especially one that leverage machine learning to do the lion’s share of monitoring and detection. Learn more about how Nightfall can protect your data by scheduling a demo at the link below.