Compliance with the GDPR not only ensures greater protection for employees’ and customers’ personal data, but also guarantees the future of companies.
Avoiding the costs of data breaches
Corporate data is an increasingly coveted commodity. Compromising it can jeopardise a company’s business.
According to a study by Ponemon Institute and IBM Security, in 2022, the average cost of a data breach for a company worldwide is estimated at 4.35 million dollars. This figure is up by 12.7% compared to 2020. In France, the average cost for a company is almost the same, at 4.34 million dollars.
The costs are both related to the loss of data itself but also to the sanctions that may be ordered (such as fines). This is the case if the legal provisions on data protection were not respected. Finally, as a result of a data breach, a company’s trustworthiness may fall and this will also have an impact on its financial activity.
[VIDEO] Apolline SCHMITT, Lawyer at the Strasbourg Bar and DPO Tixeo, explains the stakes of personal data security for companies
These French companies affected by data theft
Recently, many examples have demonstrated the significant financial impact of data breaches. In 2022, the subsidiary of a French airline company was the victim of a cyber-attack that resulted in a massive leak of its employees’ personal data. What was the cause? A lack of security on the server where the data was stored. If this is verified, the company is liable to a fine of up to 4% of its turnover, as provided for in the GDPR.
While large organisations can afford these costs, SMEs cannot. A French company specialising in movable partitions has paid the price: following a cyber-attack that compromised its personal data, it had to apply for receivership. The attack cost the company several million euros and caused excessive commercial damage.
Improving the company’s image and reputation
A company that does everything it can to protect personal data reassures its ecosystem and, above all, its customers and employees. This is an aspect that can be the subject of communications and thus enhance the image of a transparent and secure company.
In addition, the implementation of a robust data security policy limits the risk of attacks. It avoids any paralysis of the company’s activity.
Video conferencing: do you (really) know how your personal data is handled?