Nowadays, the press doesn’t have to look too far for the next cyber attack story!
Whether it’s the surprise theft of customer data, like British Airways suffered this year, or a fresh Facebook hack, if there’s one thing we’ve learned this year – no one, regardless of size and sophistication, is immune to attack.
However, while press coverage typically (and quite rightly) focuses on the impact to customer privacy, and the subsequent fines incurred, very little attention is given to the long-term reputational and financial damage incurred by a company.
However, if you dig deep enough there are several studies available that look at the impact a cyberattack has on company performance (in particular revenue, and market valuation) – and it’s not great reading.
As you would expect, companies that suffer an attack routinely under-perform against the average when it comes to revenue growth (a result of brand and reputational damage).
Another study, (which focused on Nasdaq listed companies) found that even after three years, breached companies were down against the Nasdaq by almost 16%.
Of course, investors look at the immediate, and visible, indicators – such as customer churn, revenue performance, and the cost of any fines. But what of the indicators that aren’t so visible?
In particular, if the worst happens, what can investors learn from your company’s "security culture"?
Because while major breaches that result in the loss of sensitive customer data typically have to be reported (and therefore come to public attention), it’s the dozens of small, discrete breaches that happen every day, that point to a more worrying threat – a poor culture of security across the entire business.
Take the example of workplace messaging. There is still widespread misunderstanding across employees about the level of security offered to them by different technologies. Earlier this year we wrote about research that found that 50% of employees wrongly assumed that SMS and landline phone calls offered greater protection than secure E2EE messaging apps.
We’ve also widely covered the inappropriate use of tools such as Slack and even Whatsapp for the sharing of confidential company information.
If issues like this are evident within a business, is it indicative of a lackluster approach to data security? These are the questions that investors will be asking.
It’s also worth noting that many of the studies found that firms with board oversight of risk, and firms that were able to respond effectively to a crisis, fared better in the aftermath of an attack.
In fact, how a business manages its stakeholder relations during its recovery is one of the best indicators investors have about how well the business is prepared, and the tools it has in place to manage recovery and communicate securely.
Remember, without the right leadership, policies, and technologies in place, it’s only a matter of time before the next headline!
Wire Red is the most trusted, secure end-to-end encrypted communication and collaboration tool available, and the perfect choice for businesses looking to ensure business continuity in the event of disruption. Alert stakeholders when it matters most whilst ensuring that all messages, files and documents are secured with end-to-end encryption
It’s pre-provisioned, always ready to ensure business readiness and recovery, and available on both mobile and desktop devices. Messaging, conference calls, video conferences, and file sharing are just the start. Wire Red can be extended with custom integrations and bot-services, all hosted by Wire so your network downtime doesn’t affect availability. Speak to our Sales to learn more about Wire Red.