Business costs of sending the wrong emails to the wrong people


by Ben Mitchell, DocsCorp | about 2 months ago

Ben Mitchell, vice president, global commercial operations at DocsCorp, says the business cost of simply sending the wrong email to the wrong individual should not be underestimated

The data breaches that make headlines often follow a formula: network attacks perpetrated by cybercriminals, who target massive companies with millions of users, for financial gain. The endgame is to try to sell the stolen information on the dark web or use it to blackmail innocent victims. 

The kind of breach that is far more common, but less likely to be the subject of a gripping Netflix documentary, is one that involves human error. After all, there’s nothing thrilling about a plotline that climaxes when a secretary attaches the wrong spreadsheet to an email.

However, with over 124 billion business emails sent every day, there’s a real risk to organisations if a simple mistake in an email suddenly leads to regulatory scrutiny. 

Of the more than 3,000 complaints reported to the Information Commissioner’s Office (ICO) in the 2017–18 financial year, nearly 500 – or about 16% – were caused by sending an email to the wrong person. In the post-GDPR era, selecting the wrong ‘Jane’ or ‘John’ from Outlook’s autofill menu is all it takes to end up on the wrong side of a multimillion-pound fine.

The skyrocketing cost of data breaches 

When massive penalties were introduced as part of stricter data-protection laws, many people doubted that regulators would follow through. They believed that only the biggest and most public of companies would be subjected to fines. However, in 2018 and 2019, when Equifax, Marriott and Uber were stung with fines, regulators made it clear that it wouldn’t only be the likes of Google and Facebook that could face their ire. 

More than money – reputation hit too 

A headline-making data breach will also impact on your professional standing. Clients will quickly take their business elsewhere if they learn, or even suspect, their data isn’t adequately protected. It’s not uncommon to have to demonstrate a privacyby-design security model now in order to win a client’s business in the first place. Sophisticated, state-of-the-art security measures have become just another necessary cost of doing business. 

Reducing the likelihood of a data breach 

Unfortunately, in spite of even best efforts, not every data breach will be prevented. However, you can reduce the chance of a breach happening in the first place, and also make sure that the damage is contained if one does occur. In its 2018 Insider Threat report, Verizon listed over 20 steps that an organisation could take to minimise risk. The number one recommendation was to integrate security strategies and policies. This means taking a unified approach to data protection, so that no sensitive information can slip through the cracks.
This integration is baked into the new combined DocsCorp and iManage solution, a unique security platform that can extend your internal document controls – for example, setting who can or can’t see a specific folder or document set – to all email comms. It reduces both the likelihood of a breach, and the volume of data that’s affected if a breach does occur.  

This article was first published in the October 2019 issue of Briefing  'Buying signals'.