Cyber Attack Aftermath Business and Reputation Effects
In the public arena, breaking news of a cyber-attack to a corporation is usually limited to headlines. But the true aftermath of a wide-ranging cyber intrusion can be deep and severe. Data breaches carry their own set of obvious problems (lost customer information, lower consumer confidence, etc.), but they also leave long-term damage that is often not understood until much later. Major U.S. companies have fallen victim to cyber-attacks and data breaches in recent years; it's only logical that more will follow. Cybersecurity awareness is an all-encompassing term for the steps it takes to secure your business, customers, and reputation, from the digital fault lines all around us.
Paul Bischoff, a researcher with the London-based firm Comparitech, recently completed a study to add some perspective regarding cyber-attacks. The firm focused on 24 major companies that suffered from at least one million customer records lost: a list that included Apple, eBay, and Home Depot. They wanted exact numbers, and what they found was fairly staggering:
- After an attack, the average company's stock took a full 38 days to recover.
- A company's market share dropped immediately by nearly three percent (2.84 percent, to be exact).
- And amazingly, three years after a large cyber-attack, stock was down 42 percent compared to the NASDAQ baseline.
Much can be done to mitigate the damage, and experts in cybersecurity are quick to point out that a thoughtful response can lead to meaningful gains during recovery. Here are some key concepts to keep in mind regarding internal and external communications during and after a security crisis:
- Aggressive public response is vital. Being open about what can (and will) be done better in the future enhances and begins to rebuild public confidence.
- Communication with investors needs to be clear and concise; those in the internal walls of your business want the facts, not hesitation.
- Get a head start by having a thorough cybersecurity response plan in place before an attack.
Large businesses are certainly vulnerable to cyber-threat, but of course, hackers will look for weaknesses. Budget-challenged IT departments and minimal cybersecurity awareness planning can play into the crosshairs of professional criminals. Unfortunately, these two risk factors are often attached to smaller businesses. From Fortune 500 to the local ice cream shop, cybersecurity awareness is an important principle we all can practice. And with the right tools and communication strategies paired with technical knowledge, any business can better protect itself from cyber-threat. If you want to learn more, feel free to contact NC4 or read our blog for more information!
Thanks for contacting NC4! A member of our team will be in touch with you shortly.