CSO Online: Data breaches often result in CEO firing
What are the real world risks of a cyber security breach to CEOs and their company? We will explore the issues of reputational damage, incident cost, stock price impact, and increased regulatory attention. We will also discuss the fate of four CEOs who have faced cybersecurity breaches in the past three years.
According to Warren Buffet, “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.” The “2015 Cost of Data Breach Study: Global Analysis” from the Ponemon Institute shows that companies suffer a higher churn rate, increased customer acquisition costs, reputation losses and diminished goodwill due to an information security breach.
The 2015 Information Security Breaches Survey, conducted by PwC states. “When asked what made a particular incident ‘the worst’, 16 out of the 39 organisations who responded cited that it was the damage to their reputation which had the greatest impact. This is an increasing trend, up from 30 percent of respondents in 2014 to 41 percent this year.”
Lastly, from the Global Risk Management Survey 2015, quoting Greg Case, CEO of Aon, “For the first time since 2007, damage to brand and reputation has emerged as the top-ranked risk in our survey. Interestingly, cyber risk has entered the top 10 for the first time this year. The connection between these two risks has been felt around the world in 2014, as a rash of data breaches demonstrated the fragile nature of consumer trust in leading corporations.”
An information security breach will rob a company of its good name, customers, increase new customer acquisition costs and decrease opportunities. The damage may also be compounded by individual or class action lawsuits from former customers. Consumers are now aware of the negative impact identity theft can have on their lives and are voting with their pocketbooks in increasing numbers.
According to the Ponemon Institute, the average total cost of a data breach for the participating companies increased 23 percent over the past two years to $3.79 million. The PwC 2015 Information Security Breaches Survey, showed much the same trend, “the survey did find that the total cost of dealing with incidents continues to increase. Looking at the single worst breach suffered, the costs to large organisations range from just under £1.5 million (£1,455,000) to £3.14 million. For small organisations, the range starts at £75,200 to £310,800. These figures account for activities such as business disruption, days spent responding to an incident, loss of business, regulatory fines and loss of assets.”
To put the escalating cost of cyber breaches into perspective, the Center for Strategic and International Studies estimates the annual cost of cybercrime and economic espionage to the world economy may be as high as $445 billion. That is nearly 1 percent of global income.
Originally published on CSO Online.