Broadcasting that a serious investment was made before a hack shows that the company took security, and especially the privacy of its customers, seriously. Lead with the cybersecurity measures already in place. Our analysis shows that both customers and the stock market are reassured by a CEO who immediately and effectively communicates about the cybersecurity mechanisms the company already has in place. So what should you do? There are two key pieces of advice: 1) Lead with what you did right to prepare for this eventuality, and 2) then pivot to how you’re going to improve even more. One example is when Uber paid hackers through its bug bounty program to cover up a data breach incident in 2016. When the incident was publicly disclosed in 2017, it resulted in significant damage to Uber’s reputation, and a $148 million fine from the Federal Trade Commission in 2018. And while many companies trot out the CEO to say “I am deeply sorry for what has happened” or fire the chief security officer, neither acts will likely be much help. Strategies such as hiding the existence of the incident or finding excuses to minimize the organization’s responsibility can result in even worse consequences. First off, don’t try to hide that it happened. Here we will focus on the firm’s response strategy, the area that the company has the most control over. Our research and review of more than 14 published studies revealed that the consequences of a data breach incident may differ depending on the industry, firm size, the type of information exposed, and the response strategy. They also show that there are steps a company can take to not only mitigate reputational damage, but sometimes even end up improving their position. These counterintuitive outcomes indicate that many factors determine the fallout from data breach incidents. The JP Morgan Chase breach in 2014, for instance, didn’t impact its stock growth negatively, in fact, its stock actually rose slightly. Getting hacked doesn’t have to be a disaster, however. Likewise, following the announcement of the Equifax breach back in early September of 2017, the company saw a similar negative reaction from the stock market with its stock price plunging from $142.72 to $92.98 in just one week. What is worse, its market share dropped significantly in 2017 and has struggled to recover ever since. In the wake of the Capital One hack, which was publicly reported in July 2019, the company’s stock price dropped nearly 6% immediately in after-hours trading, losing a total of 13.89% over two weeks. As is often stated, “ it is not a matter of if, but when you will suffer a cyber attack.” Are you prepared?Ī hack can sink a company’s stock price and leave investors fuming. There is an estimated cyber attack every 39 seconds. On an annual basis, it is estimated that one in four Fortune 1000 firms will suffer a cyber loss event. Over 60% of the Fortune 1000 had at least one public data breach over the last decade, according to a Cyentia Institute research report.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |