The Real Cost of Data Breach for MSPs
A lot of research has been conducted on the topic of data breaches over the last few years. What hasn't been addressed is the role of managed service providers in the defense of data breaches and the targeting of MSPs for cyber attacks and breaches. I think it is time for such a discussion within the channel.
Data Loss Has a Cost
Protecting customer data has always come at a cost. Customers are now becoming even more aware about the real threats of cyber attacks and the real cost of data breaches.
IBM recently commissioned The Ponemon Institute to study data breaches and that report found that the total cost of data breach globally is estimated to be around $4 million. Further, the report claimed that the cost of a lost or stolen record is not $158...each!
There are other costs for data breach as well. Take a look at the Verizon acquisition of Yahoo. It was just announced by the WSJ that Yahoo will be lowering its purchase price by $350 million, and will agree to cover 50% of the ongoing legal costs for dealing with the high profile data breaches it suffered.
MSPs have long played a defensive role for their customers when it comes to IT security. This is not new. What is new is that the same threats facing customers are now very much facing MSPs.
A ransomware script does not discriminate. It can just as easily impact a MSP organization as it can a customer. Hackers are also becoming more adept at using conduits as a means of reaching their true target, which may be one or two steps removed from the first hack they perpetrate.
For this reason, MSPs need to start looking inward and applying the same customer focused security and resiliency practices to themselves. MSPs know what needs to be externally for their customers. Sometimes, we forget to practice our own medicine and need a little reminding.
Cyber criminals know what is at stake and know the value of stolen data. What they don't know yet is whether MSPs understand.