Saving Your Reputation After a Cyberattack
WHY THIS MATTERS
Have you considered cyber threats to your brand value?
Some cyberattacks have been shown to seriously impact brand value and share price, while some have not. Are you willing to roll the dice?
What is your cyber risk tolerance level?
Your risk tolerance level may prevent you from rolling the dice about a potential cyber threat or how you will respond to a cyber event.
If that is the case, then you can transfer some of your cyber risk to a Stand-Alone Cyber Insurance policy.
The Cost of Security Incidents
The 15th annual Cost of a Data Breach Report, with research by the Ponemon Institute and published by IBM Security, provides a detailed view of the financial impacts security incidents can have on organizations, including historical data breach trends, causes, and consequences.
The 2020 study analyzed 524 breaches that occurred between August 2019 and April 2020, in organizations of all sizes, across 17 geographies and 17 industries.
The total global cost of a data breach averaged $3.86 million, down approximately 1.5% from the 2019 study – but still in line with prior years.
The average time to discover and contain a data breach in 2020 was 280 days, nearly the same as 279 days in 2019.
Are You Willing to Roll the Dice After a Data Breach?
Have you considered the costs of reputational harm caused by phishing attacks (that become the gateway into your network) and data breaches (that steal and possibly publish your data)?
Some cyberattacks threaten brand value, whereas others do not. Are you willing to roll the dice about the ever-expanding cyber threat landscape?
Is the Threat to Share Price Real?
What are the real concerns for companies and their shareholders after a high-profile data breach, like those at Target and Home Depot, that exposed the personally identifiable information (PII) of millions of consumers and employees?
The Harvard Business Review (HBR) compared concerns over the loss of intellectual property, operational disruption, decreased customer trust, a tarnished brand, and loss of investor commitment to the impact on the company's stock price.
HBR stated that industry analysts have inferred that shareholders are numb to news of data breaches and only react to breach news when it has a direct impact on their business operations, either in expected profitability or if they become embroiled in a lawsuit.
The concept of "data breach fatigue" applies to more than shareholders – it is an ongoing discussion about how the consuming public views data breach news that may or may not impact them directly.
In reviewing recent data breaches, HBR found that stock prices decreased slightly or quickly recovered following the breach. For example:
- Home Depot – The data breach in 2014 compromised 65 million customer credit and debit card accounts. The company's stock price decreased slightly one week after the announcement. In the third quarter of 2014, Home Depot showed a 21% increase in earnings per share.
- Target – The data breach during the 2013 holiday season shopping period compromised the credit and debit card data of 40 million customers and PII of about 70 million customers. The stock experienced a 10% drop in price in the aftermath of the security breach. Still, by the end of February 2014, Target had experienced the highest percentage stock price regain in five years.
- JP Morgan Chase Bank – disclosed in October 2014 that in August 2014, hackers had compromised the PII of approximately seven million small businesses and 76 million households in a data breach. The bank warned its customers of potential phishing attacks after the breach. Stock prices for JP Morgan Chase were stable following the announcement and then rose by the beginning of November 2014.
Talk Talk's Direct Hit to Share Price and Customer Loyalty
The 2015 data breach of Talk Talk, the UK telecom company, impacted 157,000 customers, resulting in an example of a worst-case scenario. Not only did Talk Talk lose over 100,000 customers, but it also suffered a drop in the share price.
Post-data breach, Talk Talk's customers expressed outrage online, particularly on Twitter, about the theft of their PII. Talk Talk used its own Twitter response campaign to try to turn the tide from outrage to better understanding, and hopefully, to retaining customers.
Notably, Talk Talk's share price dropped 10.7%, despite the HBR research about other notable data breaches.
To make matters worse, in 2016, the Information Commissioner's Office (ICO) in the UK fined Talk Talk GBP 400,000 (approximately USD 529,000 in 2016) due to its security failings and breach of the Data Protection Act of 1998 (before enforcement under the General Data Protection Regulation (GDPR) in 2018).
Elizabeth Denham, Information Commissioner, stated:
"Today's record fine acts as a warning to others that cyber security is not an IT issue, it is a boardroom issue. Companies must be diligent and vigilant. They must do this because they have a duty under law, but they must also do this because they have a duty to their customers."
Talk Talk ultimately paid a fine of GBP 320,000 (approximately USD 423,000 in 2016) in a settlement.
Threat to Customer Loyalty
In 2018, roughly five billion people had their personally identifiable information (PII) compromised and exposed by hackers. If you were a customer of T-Mobile, Quora, Google, Orbitz, Marriott, or Facebook, among others, you could have been among the millions of people who had their email addresses, passwords, passport numbers, credit card numbers, and billing addresses stolen.
How do customers react to the news that their PII has been stolen and exposed?
The findings of a study on data breaches in 2018 showed that almost one in four Americans stop doing business with companies that have been hacked, and more than two in three people trust a company less after a data breach.
In a 2019 global survey of 10,000 individuals, 70% claimed they would stop doing business with a company that experienced a data breach.
Keep in mind that while customers and shareholders might forgive the first data breach and might not change brands or loyalty to their stores, they may be less tolerant of future cyberattacks.
How you respond to a cyber incident is half the battle. Do you want to go it alone, or do you want a team of experts to help you as part of your Stand-Alone Cyber Insurance coverage?
Incident Response Plan and Support Team
Holistic cyber risk management includes cybersecurity measures coupled with Stand-Alone Cyber Insurance.
Cyber best practices call for an incident response plan, with or without cyber insurance. If you believe that you can prepare at the time of the cyber incident, you are less likely to mitigate damages, including damage to your reputation.
It is all about timing – you must respond as quickly as possible to the attackers. They are out to harm you, steal your data, impact your bottom line, and perhaps ruin your reputation.
It takes a support team – to help you stop the attack in its tracks and mitigate the loss:
- Legal counsel/Breach coach to head up your team and maintain privilege.
- Forensic experts to investigate the incident and assist with mitigating the loss.
- Forensic accountants to quantify the potential loss.
- Public relations firms to help with your media campaign.
- Crisis management experts to help with damage control.
- Reputational repair firms to help with restoring brand value post-cyberattack.
Of course, you can invest your own time and money to find and gather your support team, and to fund their services. Alternatively, you can obtain first-party coverage for Incident Response in your Stand-Alone Cyber Insurance policy.
Your organization may withstand a cyber event with little damage to your brand, client base, sales, or share price. A lack of reputational harm could be the result of good fortune, or due to a disciplined, holistic approach to cyber risk management.
Stand-Alone Cyber Insurance Coverage
Your business stands a better chance of financial recovery from a cyberattack with a robust Stand-Alone Cyber Insurance policy.
Cyber insurance carriers now offer coverage for financial losses caused by reputational harm or negative media following a cyberattack, including the profits lost due to a reduction in sales.
In addition, some cyber insurance carriers also offer coverage for reputational repair when your brand value takes a direct hit from the bad press about a cyber event, including public relations costs and media publication costs to help with loss mitigation.
Quantifying these losses is no easy task, which explains why some insurance companies offer more limited reputational harm coverage, or none. Your company will need to show evidence of reputational damage (e.g., adverse reports in print, online, or broadcast media) as well as documentation substantiating financial loss after the cyber event.
That means the quest to find the best metrics to assess the impact of cyberattacks on brand value, stock prices, and profitability is ongoing.
Due to the complexity in quantifying these losses, you will be on surer footing if you work with a specialized cyber insurance broker and specialized cyber insurance carrier to review coverage that is appropriate for your needs.
Your company has robust cyber solutions that it can count on:
- A tried and true (i.e., pre-planned and pre-tested) incident response plan and an incident response team to assist you as soon as you suspect a cyber incident.
- Stand-Alone Cyber Insurance that supports you in your efforts to mitigate a cyber loss.
- Your reputation and brand should not be devalued due to a data breach or a phishing attack that leads to a shutdown of your website or business operations.
- Your business stands a better chance of maintaining brand value after a cyberattack with a dedicated Stand-Alone Cyber Insurance policy suited to your risk tolerance level. Cyber Armada Insurance stands ready to help you.
Reach out to a specialist cyber broker, such as Cyber Armada Insurance, to assist you with your Stand-Alone Cyber Insurance needs. We understand the evolving cyber risks, the dynamic cyber insurance market, and the demands of cyber insurance clients.
Contact Cyber Armada today to explore how your company faces potential financial losses from a cyberattack. Contact us at 888.727.6232.
Please watch for our next article, which will provide an update about the Cybersecurity Maturity Model Certification Accreditation Body (CMMCAB).