The latest thinking from Eckoh

Data breaches: embedding security is your secret weapon
Tuesday, 25 September 2018

The cost of data security breaches is rising - but few companies have realized that automation can help protect sensitive information and save them a fortune, according to a top report.

Data breach embed security 900

As we explored in our last blog, the total cost of data security breaches has increased. On average, it's now estimated to be US $7.9m for American organizations and £3.7m for UK
companies, according to research from the Ponemon Institute, which interviewed thousands of professionals*.

The numbers start to rack up when you factor in the cost of detection and notification, through to business disruption and fines. Worse still, the cost really escalates when a company's reputation is tarnished, goodwill evaporates and customers begin to walk away.

But deep within the Ponemon report, there's a surprising fact: only 15% of companies deploy full security automation.

When tech does a better job

In many areas where safety is paramount, we put our lives and our valuables into the hands of automated systems. Just think about aircraft navigation, skyscraper elevators, smoke sensors, sprinklers and burglar alarms. If there's a way to harness technology to make life simpler and reduce risk in an affordable manner, then we'll take it.

So it's strange that valuable customer data isn't usually treated in the same way especially when the stakes have never been higher when you bear in mind the Payment Card Industry Data Security Standard (PCI DSS) rules on secure payments or even the General Data Protection Regulation (GDPR) and other data safeguarding requirements.

Just take contact centers for instance. The traditional approach for achieving PCI DSS compliance means investing heavily in time-intensive, manual processes to protect valuable data, such as cardholder details:

This can include:

  • Creating 'clean rooms' wherever cardholder data is present
  • Vetting a smaller group of employees so only they can take payments
  • Ensuring that mobile phones, pens or other ways to record numbers are present
  • Maintaining a vulnerability management programme
  • Regularly scanning and fixing vulnerabilities This approach isn't just complex and expensive - it's risky too, because human error is one of those things that makes us ... human. Rogue agents and determined hackers will always exploit weak links. But it doesn't have to be this way.

Early intervention

Ponemon's own definition of security automation refers to technologies that augment or replace human intervention in the identification and containment of cyber exploits or breaches.

Such technologies depend upon artificial intelligence, machine learning, analytics, and orchestration. According to Ponemon, these systems pay off. For example, the cost of a breach is estimated to be $2.02m less for those companies with full security automation.

But it's possible to embed security measures at the earliest stage ... and significantly reduce security risks.

For example, Eckoh has devised ways to:

  • Verify callers automatically: Rather than relying on agents to run security checks, verification solutions can identify customers over voice, web or mobile channels before they get transferred to an agent. You can tackle fraud and identity theft, while reducing call handling times and operational costs.
  • Take secure payments automatically: You can completely remove agents from of the process of taking card payments if you wish. It's possible to enable automated PCI DSS secure payments for customers over the phone, web and mobile devices. It's fast, easy and available 24x7.
  • Remove sensitive data automatically: If cardholder details and other personal data never enter your systems in the first place then there's nothing to be hacked, copied or leaked. Eckoh has even found a way to remove customer data from contact center environments completely - payment acceptance and processing happens through a hosted, secure platform provided by Eckoh.

What's more, it's fast to deploy automated security measures like these. You don't need to rip and replace your existing contact center systems.

Discover more

Get your free copy of The definitive guide to PCI DSS compliance for contact centers. You can find out how to make sure sensitive cardholder data is not exposed, secure newer channels like Web Chat and Apple Pay, and avoid the cost and complexity of achieving PCI DSS compliance yourself.

With the right solutions in place to protect sensitive data, you can keep out the fraudsters, boost your business agility and save money at the same time.

If you’d like to know more about how Eckoh can help protect your sensitive data just give us a call on 866 258 9297 or drop us an email at This email address is being protected from spambots. You need JavaScript enabled to view it.


* '2018 Cost of a Data Breach Study'- IBM Security and Ponemon Institute

About the Author

Tony Porter

Tony Porter

Head of Global Marketing Tony has over 30 years’ experience in sales, marketing and business development and currently leads these activities for Eckoh in both the US and UK markets and across all sectors. Tony’s role focuses on helping contact centers to improve their customer engagement, making them convenient and secure for consumers to use. He understands the challenges organizations face around PCI DSS compliance and how to make the Omnichannel contact center experience a satisfying reality. He is a regular speaker at events on topics such as PCI DSS, GDPR, contact center technology, IVR solutions, self-service, secure payments, marketing and business development.

Connect with us on LinkedIn

Tweets by @Eckoh

Eckoh (@Eckoh)

Eckoh (@Eckoh)

Extend the life of your trusty legacy #Aspect® systems with expert third-party support from Eckoh.
Eckoh (@Eckoh)

Eckoh (@Eckoh)

The Eckoh team are set-up and ready to meet you at the PCI North America Community Meeting. Come and say hello to the team at Booth #6. We would love to share insights and knowledge with you around secure payment solutions for your contact center. #PCISSC
Eckoh (@Eckoh)

Eckoh (@Eckoh)

We are looking for a qualified Senior Software Engineer to lead a team of developers in Hemel Hempstead. You need to have expert knowledge of Linux server systems, web development, and famiarity with HTML, PHP, JavaScript, jQuery and more. Apply: #careers