× Globe

We notice that you’re on our UK site, the version that serves your region is the US Eckoh site.

Go to US site. Stay on UK site

Important COVID-19 update Read More


The latest thinking from Eckoh

Data breaches: embedding security is your secret weapon
Friday, 14 September 2018

The cost of data security breaches is rising - but few companies have realised that automation can help protect sensitive information and save them a fortune, according to a top report.

Data breach embed security 900

As we explored in our last blog, the total cost of data security breaches has increased. On average, it's now estimated to be £3.7m for UK companies and US £7.9m for American organisations, according to research from the Ponemon Institute, which interviewed thousands of professionals*.

The numbers start to rack up when you factor in the cost of detection and notification, through to business disruption and fines. Worse still, the cost really escalates when a company's reputation is tarnished, goodwill evaporates and customers begin to walk away.

But deep within the Ponemon report, there's a surprising fact: only 15% of companies deploy full security automation.

When tech does a better job

In many areas where safety is paramount, we put our lives and our valuables into the hands of automated systems. Just think about aircraft navigation, skyscraper elevators, smoke sensors, sprinklers and burglar alarms. If there's a way to harness technology to make life simpler and reduce risk in an affordable manner, then we'll take it.

So it's strange that valuable customer data isn't usually treated in the same way especially when the stakes have never been higher when you bear in mind the General Data Protection Regulation (GDPR), PCI DSS rules on secure payments, and other data safeguarding requirements.

Just take contact centres for instance. The traditional approach for achieving PCI DSS compliance means investing heavily in time-intensive, manual processes to protect valuable data, such as cardholder details:

This can include:


  • Creating 'clean rooms' wherever cardholder data is present
  • Vetting a smaller group of employees so only they can take payments
  • Ensuring that mobile phones, pens or other ways to record numbers are present
  • Maintaining a vulnerability management programme
  • Regularly scanning and fixing vulnerabilities This approach isn't just complex and expensive - it's risky too, because human error is one of those things that makes us ... human. Rogue agents and determined hackers will always exploit weak links. But it doesn't have to be this way.


Early intervention

Ponemon's own definition of security automation refers to technologies that augment or replace human intervention in the identification and containment of cyber exploits or breaches.

Such technologies depend upon artificial intelligence, machine learning, analytics, and orchestration. According to Ponemon, these systems pay off. For example, the cost of a breach is estimated to be £1.55m less for those companies with full security automation.

But it's possible to embed security measures at the earliest stage ... and significantly reduce security risks.

For example, Eckoh has devised ways to:


  • Verify callers automatically: Rather than relying on agents to run security checks, verification solutions can identify customers over voice, web or mobile channels before they get transferred to an agent. You can tackle fraud and identity theft, while reducing call handling times and operational costs.
  • Take secure payments automatically: You can completely remove agents from of the process of taking card payments if you wish. It's possible to enable automated PCI DSS secure payments for customers over the phone, web and mobile devices. It's fast, easy and available 24x7.
  • Remove sensitive data automatically: If cardholder details and other personal data never enter your systems in the first place then there's nothing to be hacked, copied or leaked. Eckoh has even found a way to remove customer data from contact centre environments completely as payment acceptance and processing happens through a hosted, secure platform provided by Eckoh.


What's more, it's fast to deploy automated security measures like these. You don't need to rip and replace your existing contact centre systems.

Discover more

Get your free copy of The definitive guide to PCI DSS compliance for contact centres. You can find out how to make sure sensitive cardholder data is not exposed, secure newer channels like Web Chat and Apple Pay, and avoid the cost and complexity of achieving PCI DSS compliance yourself.

With the right solutions in place to protect sensitive data, you can keep out the fraudsters, boost your business agility and save money at the same time.

If you’d like to know more about how Eckoh can help protect your sensitive data download the Definitive Guide to PCI DSS Compliance or get in touch.


* '2018 Cost of a Data Breach Study'- IBM Security and Ponemon Institute

About the Author

Alex Monaghan

Alex Monaghan

Presales Director

Alex has over 30 years’ experience in speech and communication technology. His contact centre, telecoms and secure payment knowledge will enable him to put together the best possible solution for our customers and provide honest, clear advice and support.

Connect with us on LinkedIn

Latest Blog Items

Tweets by @Eckoh

Eckoh (@Eckoh)

Eckoh (@Eckoh)

Find out the critical next steps to ensuring security for your remote workers involving your people, processes and technology. #contactcentres #securepayments #eckoh bit.ly/2D7QLLx
Eckoh (@Eckoh)

Eckoh (@Eckoh)

Eckoh had an excellent performance in the year, with double digit revenue and profit growth as well as record order levels for a second year running. #contactcentres #paymentsecurity bit.ly/30NSO0U
Eckoh (@Eckoh)

Eckoh (@Eckoh)

Find out about the 5 lessons learned from COVID-19 for contact centre resilience. bit.ly/3cPDxz3

  • icon facebook
  • icon twitter
  • icon linkedin
  • icon youtube