The cost of data security breaches is rising - but few companies have realized that automation can help protect sensitive information and save them a fortune, according to a top report.
As we explored in our last blog, the total cost of data security breaches has increased. On average, it's now estimated to be US $7.9m for American organizations and £3.7m for UK companies, according to research from the Ponemon Institute, which interviewed thousands of professionals*.
The numbers start to rack up when you factor in the cost of detection and notification, through to business disruption and fines. Worse still, the cost really escalates when a company's reputation is tarnished, goodwill evaporates and customers begin to walk away.
But deep within the Ponemon report, there's a surprising fact: only 15% of companies deploy full security automation.
When tech does a better job
In many areas where safety is paramount, we put our lives and our valuables into the hands of automated systems. Just think about aircraft navigation, skyscraper elevators, smoke sensors, sprinklers and burglar alarms. If there's a way to harness technology to make life simpler and reduce risk in an affordable manner, then we'll take it.
So it's strange that valuable customer data isn't usually treated in the same way especially when the stakes have never been higher when you bear in mind the Payment Card Industry Data Security Standard (PCI DSS) rules on secure payments or even the General Data Protection Regulation (GDPR) and other data safeguarding requirements.
Just take contact centers for instance. The traditional approach for achieving PCI DSS compliance means investing heavily in time-intensive, manual processes to protect valuable data, such as cardholder details:
This can include:
Creating 'clean rooms' wherever cardholder data is present
Vetting a smaller group of employees so only they can take payments
Ensuring that mobile phones, pens or other ways to record numbers are present
Maintaining a vulnerability management programme
Regularly scanning and fixing vulnerabilities This approach isn't just complex and expensive - it's risky too, because human error is one of those things that makes us ... human. Rogue agents and determined hackers will always exploit weak links. But it doesn't have to be this way.
Ponemon's own definition of security automation refers to technologies that augment or replace human intervention in the identification and containment of cyber exploits or breaches.
Such technologies depend upon artificial intelligence, machine learning, analytics, and orchestration. According to Ponemon, these systems pay off. For example, the cost of a breach is estimated to be $2.02m less for those companies with full security automation.
But it's possible to embed security measures at the earliest stage ... and significantly reduce security risks.
For example, Eckoh has devised ways to:
Verify callers automatically: Rather than relying on agents to run security checks, verification solutions can identify customers over voice, web or mobile channels before they get transferred to an agent. You can tackle fraud and identity theft, while reducing call handling times and operational costs.
Take secure payments automatically: You can completely remove agents from of the process of taking card payments if you wish. It's possible to enable automated PCI DSS secure payments for customers over the phone, web and mobile devices. It's fast, easy and available 24x7.
Remove sensitive data automatically: If cardholder details and other personal data never enter your systems in the first place then there's nothing to be hacked, copied or leaked. Eckoh has even found a way to remove customer data from contact center environments completely - payment acceptance and processing happens through a hosted, secure platform provided by Eckoh.
What's more, it's fast to deploy automated security measures like these. You don't need to rip and replace your existing contact center systems.
Get your free copy of The definitive guide to PCI DSS compliance for contact centers. You can find out how to make sure sensitive cardholder data is not exposed, secure newer channels like Web Chat and Apple Pay, and avoid the cost and complexity of achieving PCI DSS compliance yourself.
With the right solutions in place to protect sensitive data, you can keep out the fraudsters, boost your business agility and save money at the same time.
Head of Global Marketing Tony has over 30 years’ experience in sales, marketing and business development and currently leads these activities for Eckoh in both the US and UK markets and across all sectors. Tony’s role focuses on helping contact centers to improve their customer engagement, making them convenient and secure for consumers to use. He understands the challenges organizations face around PCI DSS compliance and how to make the Omnichannel contact center experience a satisfying reality. He is a regular speaker at events on topics such as PCI DSS, GDPR, contact center technology, IVR solutions, self-service, secure payments, marketing and business development.