Hit enter to search or ESC to close

Get in touch

The shifting landscape of cybersecurity and reputation risk

Five years ago, a major cybersecurity breach could seriously damage an organisation’s reputation. Make it two – or three – and that organisation might find it very difficult to recover stakeholder goodwill, as in the case of TalkTalk when a series of hacks over the course of 2014 and 2015, accompanied by the apparent failure of the company to shore up its defences in response, led to a tenacious negative news cycle, and incremental loss of trust among stakeholders.

But would the same scenario result in an equivalent reputational crisis today? Cyber hacks have become so commonplace that businesses must assume it’s not a case of if sensitive data will be appropriated from their servers, but when. IT Governance reports that in July 2019 alone, 2.9 billion records were leaked worldwide, with targets including a Japanese cryptocurrency exchange, banks in Bangladesh, Kyrgyzstan and Sri Lanka, and the LA County Department of Health.

Cybersecurity arms race

Awareness of the steps that can be taken to manage digital risk, has grown enormously, but so too has the sophistication of cyber criminals and the methods they use to break down organisations’ defences. And it seems that stakeholders are beginning to understand and accept the complexity involved in protecting against cyber threats – potentially muting any resulting backlash against companies that fall victim to them.

Take Capital One. In July 2019, the bank admitted that a web application firewall had been breached in March that year, with the hacker accessing personal information from 106 million customers, largely lifted from credit card applications. Capital One’s share price dropped 6% in the days following the announcement, but despite logging one of the biggest data breaches ever, share prices never dropped as low as they did in 2018, and soon recovered to pre-breach levels

The bounce-back can be partly attributed to shareholders becoming inured to these events – even those on an unusually grand scale. But it can also be credited to the bank’s open and timely response. After the issue was uncovered, Capital One immediately fixed it and started working with law enforcement officials. “I sincerely apologise for the understandable worry this incident must be causing those affected and I am committed to making it right,” stated CEO Richard Fairbank, promising to notify people affected by the breach and make free credit monitoring and identity protection available. The bank insisted that it had heavily invested in cyber security and would continue to do so in light of the incident. The hacker was apprehended, without apparently having disseminated any of the information she stole, and it appears Capital One’s reputation will ride out the attack. 

A reputational opportunity?

A more interesting and perhaps counterintuitive question is whether, in a landscape where cyber breaches have become everyday news, there is an opportunity to proactively enhance reputation by demonstrating rapid response times, on-going vigilance, and investment in defence? In the same way that an initially negative customer experience can result in an opportunity to actually enhance customer relations, can cyber attacks be an opportunity to boost reputation?

As cyber crime retains its top risk ranking among US risk managers, with the average cost of a cyber breach standing at $3.86m in 2018, it’s accepted that almost everyone is going to get hit – but those seen to respond most effectively will gain the most trust, and win the approval of stakeholders. In an environment where all organisations are vulnerable, and the threats are constantly evolving, there may be significant reputational benefit in rethinking the opportunity presented by a cyber attack. 

See more articles
Join our Newsletter

Be part of the Connected Intelligence community Join our Newsletter

Join our Newsletter

Businesses are more exposed than ever to the #reputational #risk of a #boycott. Should this be seen as a risk to be managed, or a platform for firms to reinforce what they stand for and why? Download our latest reputation case study 👇 https://t.co/kq06MqZjS7

What is sentiment analysis, how does it work, why is it important and how is it developing. We take a comprehensive look at the field of sentiment analysis to demystify this often convoluted concept. #sentimentanalytics #reputation
👇 https://t.co/OCwjjqASx1

The differing approaches taken by airlines to the challenges of COVID-19 - from health concerns to refunds and from job cuts to executive pay - are beginning to show their long-term effects.

Download our weekly #Covid19 report: 👉 https://t.co/X2PAgL7iWH #reputation

Load More...

Be part of the Connected Intelligence community

To join our Connected Intelligence community simply complete the form below.