Durgesh Shukla
3 ways to set a dollar value on the benefits of your organization's Compliance (and security?) programs

1. Save your organization the fines and the fees:

If your organization is non-compliant, and then a breach happens, the fines and legal fees can spell the doom of your business.

eg: If you are dealing with 1000 customers, the cost of any breach =
fines +
legal fees +
fines passed along by your payment processor per customer * 1000 +
fees incurred by the bank per customer * 1000 +
miscellaneous costs

2. Win more business and retain customers

When you follow a compliance mandate such as PCI, customers know you are going the extra mile to protect their data. Your partners and industry players want to work with you more because they know you are taking steps to protect personal and financial information. You win more customers through better positioning and an enhanced reputation in the market. Entire market segments can open up when you become SOC2 compliant.

eg: Total benefits associated with your compliance program =
Revenue increase associated with new market segments +
Cost savings due to not losing customers

3. Peace of mind

You can actually put a dollar value on your peace of mind. In the event of a data/security breach, all of your organization (not limited to your security, data, financial, legal and marketing teams) would be spending 40-50% of their day dousing the fires. Calculate the salary dollars spent on mitigating such issues. To give added context, also factor in the typical costs of data breaches within your industry. (Last I checked this was more than 4 million dollars as per a 2018 IBM Security and Ponemon Institute report.)

eg: Peace of mind costs =
x % of organizational salaries +
dollars spent on issue remediation activities

As a compliance/security champion for your organization, you will meet a lot of naysayers on your path. These individuals will question the financial implications of various security measures you suggest. Keep the above variables in mind and provide estimates along with suggestions to strengthen your cause!
