What Is the True Cost of a Data Breach to an Organization?

What Is the True Cost of a Data Breach to an Organization?

Smart Card Alliance White Paper Helps Payments Industry Understand Data Breach Impacts

Princeton Junction, N.J., March 24, 2015 – Data breaches are increasingly impacting businesses across the globe, with the average cost paid by a breached organization reaching $5.9 million at the end of 2014. To provide a resource for payments industry stakeholders to understand the true impact a data breach might have on their organization, the Smart Card Alliance released today a new white paper, “The True Cost of Data Breaches in the Payments Industry.”

The white paper, developed by the Smart Card Alliance Payments Council, helps issuers, merchants, acquirers and processors to analyze and understand the potential costs of a data breach and create the business case for developing a proactive data breach prevention strategy and for creating breach response plans. The white paper can be downloaded at https://www.securetechalliance.org/publications-the-true-cost-of-data-breaches-in-the-payments-industry/.

“This white paper provides a resource for organizations to better understand the substantial tangible and intangible costs associated with data breaches, and why investing in strong preventive technologies is important,” said Randy Vanderhoof, executive director of the Smart Card Alliance. “The impact of a data breach reaches all levels of an organization. Therefore, an upfront, preventative approach, such as layering EMV chip technology, tokenization and encryption, is an effective way to prevent breaches and reduce costs if a breach does occur.”

The white paper addresses these key topics:

  • Definition of a data breach, clarifying how breaches can occur and what is considered a data breach

  • Recent data breach statistics and reported costs

  • Definition of both quantifiable and intangible costs that need to be considered when calculating the total cost of a data breach. Some of the potential costs include card reissuance, chargebacks, credit monitoring, fraud analysis, legal fees, liability costs, loss of “top of wallet” status, lost revenue, penalties, security upgrades and others
  • Identification of the impact for different costs for each stakeholder group, including acquirers, merchants, issuers, card holders, payment brands and others

For more resources from the Smart Card Alliance Payments Council, visit https://www.securetechalliance.org/activities-councils-payments/.

More information on securing payments infrastructure with EMV chip technology, tokenization and encryption can be found in another Payments Council white paper, “Technologies for Payment Fraud Prevention: EMV, Encryption and Tokenization,” available for download at http://www.emv-connection.com/technologies-for-payment-fraud-prevention-emv-encryption-and-tokenization/.

White Paper Contributors

Participants involved in the development and review of “The True Cost of Data Breaches in the Payments Industry” included: ABnote, American Express, Capgemini, CH2M HILL, CPI Card Group, First Data, Fiserv, Giesecke & Devrient, Heartland Payment Systems, Infineon Technologies, Ingenico, INSIDE Secure, Intelcav, NXP Semiconductors, OATH, Oberthur Technologies, OTI America, Tyfone, Verifone, Visa Inc.

About the Smart Card Alliance

The Smart Card Alliance is a not-for-profit, multi-industry association working to stimulate the understanding, adoption, use and widespread application of smart card technology.

Through specific projects such as education programs, market research, advocacy, industry relations and open forums, the Alliance keeps its members connected to industry leaders and innovative thought. The Alliance is the single industry voice for smart cards, leading industry discussion on the impact and value of smart cards in the U.S. and Latin America. For more information please visit https://www.securetechalliance.org.


Michael Smith
Montner Tech PR
[email protected]