Cyber Attacks: Revenue vs. Reputation
How big a problem are cyber attacks for businesses today?
Consider this — last October, while appearing on CBS’s 60 Minutes, FBI Director, James Comey said, “there are two kinds of big companies in the United States…those who have been hacked by the Chinese and those who don’t know they’ve been hacked by the Chinese.” Which are you?
In the last 18 months some of the country’s most revered brands have been targets of cyber attacks. No one knows exactly who is responsible for the cyber attacks on Neiman Marcus, Target, Home Depot, and Dairy Queen. But according to Trustwave, a cyber security firm, large retail brands, banking, insurance and manufacturing are especially vulnerable.
The growing number of attacks and costs are staggering. In several instances, cyber security firms with sophisticated tracking equipment and expertise are working to pinpoint potential customer and revenue damage for major brands who have been successfully hacked, but the bottom line is – it’s extremely difficult to detail the full extent of the losses, except to underscore that it was huge.
Equally alarming, customers have been slow to return. Thus, leaving the companies attacked with the arduous task of rebuilding consumer loyalty, trust and revenue.
If you were to calculate the net worth of your company, how much is the reputation of your brand worth?
Big successful brands are built over time with investments totaling billions of dollars.They’re also built upon trust and performance, as there’s an invisible brand promise every customer has with the brands they choose. When that promise is fulfilled, loyalty, advocacy and brand equity occurs. But when the brand promise is broken, when trust comes into question, the damage to the brand’s reputation is immense.
While hacking used to be more about individuals stealing money, now many cyber attacks are the work of foreign governments. Their intent is to steal intellectual property and create an environment of chaos and economic disruption. This produces constant national media coverage and analysis about the potential impact and damage of the attack. All of which causes a firestorm of negative publicity and a hemorrhaging of the brand’s customer base and stock price.
The net result — a huge loss of revenue and a tarnished reputation that can’t be measured in mere dollars and cents. Which begs the question — how can companies like yours protect against this new age of brand terrorism?
Research indicates that 95% of all data breaches are attributed to some kind of human error.
It used to be that businesses protected themselves from hackers with firewalls, intrusion detection and the ever-evolving availability of anti-virus software. Yet today, employee mistakes have become a huge concern.
Not huge mistakes, either, but simple errors such as not using appropriate passwords, or responding to an email that contains a virus that attacks your cyber security, which is called phishing often occur. Other mistakes include transferring corporate data outside of the company or not deleting data, thus leaving it vulnerable to data leaks that are costly to your organization
No matter what business category you’re in, you can’t ignore the increased risk of cyber terrorism. Thus, sophisticated cyber security is a must.
The best defense against cyber attacks and data breaches may be your employees. A diligent training effort will help prevent carelessness, breaches, and help reduce costs. Here’s a short list of best practices:
- Reaffirm to employees how important confidentiality is and train them on how to handle it.
- Investigate what’s available in data loss prevention technology to protect sensitive data.
- Commit to employing and actively using encryption and multi-factor authentication solutions.
- Make a plan with specific steps–including client notification–in the event of an incident.
If you have any questions or need additional information on cyber security, please contact one of our Hays Cyber Specialists: Dave Wasson, email@example.com or Michelle Carter, firstname.lastname@example.org.