The global cost of data breaches

Commercial Technology and Data Lawyer and Arbor co-founder Ed Rea looks at recent reports and industry communications relating to cybersecurity.

Cyberattacks pose a significant risk to a company’s survival and financial health. According to a recent report by IBM the average cost of a data breach by businesses in 2023 was an astonishing $4.45 million, which is a rise of 15% since 2020.

The threat from hackers has not diminished. Recent data breaches have seen the data of UK armed forces personnel being accessed and the personal information of 49 million Dell customers allegedly being up for sale on the dark web.

Board members have a legal obligation for cyber governance within their organisations and need to proactively engage in monitoring and overseeing their corporate risk management. However, for board members without technical expertise, comprehending, discussing, and making well-informed decisions about cybersecurity matters can be challenging.

This is where advisory bodies like the National Cyber Security Centre (NCSC) can help. NCSC is a UK government organisation that provides advice and support for organisations on how to avoid computer security threats. It has recently published a new video called, ‘Empowering the Board: Understanding Cyber Threats and Ensuring Security Governance,’ which looks at the pivotal role boards play in managing cyber risk and overseeing governance in cybersecurity. It emphasises that boards possess the potential to harness technological advancements to drive their company’s agenda forward.

In the video, Paul Chichester, NCSC’s Director of Operations, and Tasha Grayson, Deputy Director of NCSC Assessment, delve into the common cyber threats faced by organisations. They stress the importance of board-level engagement in making well-informed cybersecurity decisions, which not only safeguard the organisation but also capitalise on the opportunities presented by technology.

NCSC also publishes a Cyber Security Toolkit for Boards, with resources designed to help board members govern cyber risk more effectively.

Further help

Advice from bodies like the NCSC can help board members and company directors navigate the basics when it comes to cyber threats and data compliance.

At Arbor Law we can help you stay on the right side of the law when it comes to detailed cyber security management. Our technology lawyers have decades of experience in sharing technology law advice and solutions with industry leaders. Whether you’re developing new software, products or growing your teams, we are here to help you keep up the pace of your technology projects and ensure you have the right commercial agreements and contracts in place to stay compliant.

Ed Rea is a Commercial Technology and Data lawyer and co-founder of Arbor Law. Ed can be contacted at