sb-au logo
Story image

Aus study finds data breaches slice 5% from share prices

29 Aug 2017

Australian organisations hit by a data breach may see their share prices drop as much as 5% and take months to recover from the incident, and customers may start looking elsewhere for suppliers.

Commissioned by Centrify, a Ponemon study randomly selected 113 global companies. It found that on average, stock price dropped 5% on the day a data breach was disclosed. Customer churn rate hovered around 7%.

 The survey also took responses from 749 Australian IT professionals, markets and consumers. 40% of IT professionals reported that in the las two years, their firm had experienced a data breach that involved more than 1000 stolen records containing sensitive information.

33% of consumers also said they had stopped the relationship with the organisation that had experienced the breach.

However, those that had strong security posture managed to recover their stock value after an average of seven days, while those with weak posture took more than 90 days to recover.

“Data protection is no longer just an IT problem. When a breach can decimate your valuation and decimate your customer base, it must be elevated to the C-suite and boardroom because it requires a holistic and strategic approach to protecting the entire organisation,” comments Centrify CEO Tom Kemp.

He says that nobody wants to be the next Yahoo – an organisations that suffered two data breaches and slashed the company’s sale price to Verizon by $350 million.

“The bottom line is that security is a core business concern which demands the attention of the CEO, the C-suite and the board of directors. The fact is a breach can damage a company’s image for good,” Kemp continues.

However, two thirds of IT professionals don’t think it’s their responsibility to protect their brand.

Centrify’s senior director of APAC sales, Niall King, says that the misalignment between what organisations believe and what consumers believe about personal information is ‘alarming’.

“While 80 per cent of consumers believe organisations have an obligation to take reasonable steps to secure their personal information, only 61 per cent of IT professionals agree. Once that belief is breached, consumers don’t easily forgive or forget.”

The report suggests that leaders should take responsibility for breach response because the danger to stock value is a genuine threat to their business. Data breach preparedness plans should include procedures for communicating with all stakeholders, including investors, state attorneys and regulators.

The report also suggests that the plan should also address consumers’ concerns about their personal information. If necessary, the chief privacy officer should be involved in company privacy and data handling practices and make sure they respect customers’ expectation. This, in turn, will help mitigate customer turnover.

Story image
OT networks warned of vulnerabilities in CodeMeter software
Manufacturers using the Wibu-Systems CodeMeter third-party licence management solution are being urged to remain vigilant and to urgently update the solution to CodeMeter version 7.10.More
Story image
Just one click – that’s all it takes to let in cyber-crime
So how do organisations ensure that users are not compromised by simply doing their work?  The answer is surprisingly simple, writes Bufferzone Security business strategist for A/NZ Greg Wyman.More
Story image
The importance of selecting a secure SD-WAN solution
It’s essential to adopt a secure SD-WAN solution to avoid the risks that an unsecured SD-WAN solution can introduce, writes Wavelink managing director Ilan Rubin.More
Link image
Webinar: Best practices for keeping your video chats secure
Video collaboration providers nowadays operate exclusively on a multi-tenant, public cloud - and security and privacy concerns have come into the spotlight. Here's how to secure your communications.More
Story image
Kaspersky finds red tape biggest barrier against cybersecurity initiatives
The most common obstacles that inhibit or delay the implementation of industrial cybersecurity projects include the inability to stop production (34%), and bureaucratic steps, such as a lengthy approval process (31%) and having too many decision-makers (23%). More
Story image
Is cyber deception the latest SOC 'game changer'?
Cyber deception reduces data breach costs by more than 51% and Security Operations Centre (SOC) inefficiencies by 32%, according to a new research report by Attivo Networks and Kevin Fiscus of Deceptive Defense.More