Data breaches make an organization’s representatives painfully aware of the common phrase, “Time is money.” They scramble to recover lost information and limit the reach hackers have.
It’s undoubtedly important to take those immediate actions, but affected parties must also come to terms with the potential long-term effects of data breaches.
In today’s society, people who stay abreast of cybersecurity news could become aware of several high-profile breaches per month. Plus, when well-known brands like Equifax and Macy’s have cybersecurity troubles, non-tech-savvy individuals find out too because the headlines of major newspapers keep them informed.
Research shows that people don’t just brush off their newly acquired knowledge and continue shopping with brands affected by data breaches. A Ping Identity study that polled more than 3,000 adults from several Western countries found that 78 percent them would cease their online engagement with companies associated with data breach events.
Plus, the study indicated that breaches could restrict new customers from engaging since 49 percent of respondents said they would not use or sign up for a service that had recently reported a data breach.
These findings illustrate the possible damage that could cause people to steer clear of brands that don’t stay well protected against cyber attacks.
Corporations know how vital it is to perform well in the stock market. Failing to do so could erode investor confidence and lead to other signs of poor performance. Recent findings indicate that breaches have prolonged effects on companies’ stock market competitiveness.
The research looked at more than two dozen companies listed on the New York Stock Exchange that publicly disclosed breaches of at least 1 million records. LinkedIn, eBay and Apple were some of the names evaluated. It found that after breaches happened, entities underperformed on the stock market, sometimes up to three years after the event occurred.
Not surprisingly, when companies lost especially sensitive information like social security numbers and credit card numbers, the overall drops in performance were worse than if the entities didn’t have such data stolen. The worst effects were typically seen two weeks after breaches occurred.
It’s not always easy to pinpoint the total costs of a data breach, especially because numerous expenses could result from them. For example, a company that gets hit with a data breach could lose profits immediately afterward if productivity plummets while they try to resolve the problem. Moreover, it’s also been reported that 38 percent of breached companies loose more than a fifth of their revenue due to those events.
Also, the financial damage goes up depending on the number of records lost during a breach. A 2018 study found that each record lost during a data breach costs an average of $148. The study also found that the cost is significantly more — over 0 per instance — for records associated with the health care sector.
Affected companies could also rack up expenses related to legal fees and court orders. When Target dealt with a Black Friday data breach that compromised more than 110 million records, it had to pay an $18.5 million settlement split among all the affected U.S. states.
Besides requiring the retail brand to pay the amount, the court ruled that Target had to tighten up its security and encryption programs and put forth the money needed to maintain the enhanced protection. So although those improvements likely led to the prevention of future attacks, they still represent costs that impacted the company’s finances.
It’s important for employees to take pride in their workplaces and feel secure being part of the team, and a data breach could ruin those positive emotions. According to a study from Carbonite, 24 percent of data-breached companies said employee morale suffered after those instances, and a quarter of respondents reported poor effects on work-life balance. Moreover, 11 percent of organizations said employees quit after breaches.
Facebook has had a rough year due to the Cambridge Analytica scandal that caused public outrage over the breach of at least 50 million profiles. After the incident, people questioned whether they could trust the social media company to handle their data responsibly, and many deleted their profiles. A recent internal poll shows that employees are feeling the effects of being in the spotlight too.
Just over half of the almost 29,000 Facebook workers who participated in the survey said they felt optimistic about the company’s future, representing a 32-point drop from the previous year. Additionally, although 53 percent said they believed Facebook was making the world a better place, that statistic was also 19 points lower than last year.
When companies go through data breaches, they have to address more than just the concerns, low moods and fears of their employees. They also need to repair the reputational damage that could make it more difficult for human resources team members to hire for open positions. If people think society has a generally poor view of a company and they have doubts too, they may not want to work for the organization.
Since each data breach could have various long-term costs associated with it, it’s not possible for companies to measure the ramifications that may occur if they’re among the future victims of data breaches or have already experienced such issues.
Although this piece focuses on external attacks, it’s crucial for company leaders to remember that breaches can also happen due to employee errors or lack of information, making training essential.
Furthermore, organizations must take a proactive approach to breach prevention, realizing that reacting to the events only after they happen may exacerbate the damage.
By Kayla Matthews
