Cost and Effects of Data Breaches, Precautions, and Disclosure Laws

Abstract

In recent times the breach of security systems or cyber-attacks leading to unauthorized acquisitions of computerized data that compromises the security, confidentiality, and integrity of personally identifiable information by many organizations has grown. There is a general belief that data breaches and today’s organizational practices are axiomatically regarded as cause and effect. This paper addresses the cost of data breaches, disclosure laws, and precautions that have been instituted for many organizations and concludes that cybersecurity and data breach question is not “if” but “when” it might happen. Data has grown as one of the critical assets, and the absence of security protocols creates a vulnerability that can be misused by bad actors engaged in hacking and other forms of the data breach. This paper documents that the last decade experienced a phenomenal rise in the number of data breaches caused by hacking and the efficacy of disclosure laws that have been instituted by 48 states in the US. The frequency of data breach incidents has been alarming as billions of records have been breached and billions of dollars have been spent to mitigate those breaches, which could have been allocated for other projects. It is recommended that all organizations, big or small, have cybersecurity policies and a business continuity plan in place to deal with data breaches.