Risks relating to cyber security have risen to the top of the corporate agenda in recent years but few company leaders are aware of the full extent of the possible damage that data breaches can cause.
A new study commissioned by cyber security firm CGI and conducted by Oxford Economics, has found that companies’ share prices fall by an average of 1.8 per cent on a permanent basis following a severe breach – where large amounts of sensitive information are lost.
This means a typical FTSE 100 firm is worse off by an average of £120m after a breach, according to the study.
Oxford Economics compiled the data using the Gemalto Breach Index – a register of publicly disclosed cyber security breaches.
Some 315 breach events were examined in total with a focus on 65 “severe” and “catastrophic” breaches occurring since 2013 across seven global stock exchanges. The analysis found that investors have lost at least £42bn due to severe public domain cyber security incidents since 2013.
Dr Andrew Rogoyski, vice president of cyber security services at CGI UK, said there is a “huge difference” between industry sectors that are targeted for attacks and those that suffer major cyber breaches.
“Healthcare is an example of a sector that suffers a large number of breaches but isn’t necessarily targeted, because there aren’t many ways to monetise attacks on health companies, yet.” Dr Rogoyski told The Independent.
“Companies that perform financial transactions tend to be targeted because of the potential for cyber criminals to make money out of them,” he added.
Many company chiefs appear to be unaware of their firm’s vulnerability to a cyber-attack.
The reality is that cyber security isn’t perceived to grow the top or bottom line, so it’s often under-funded,” Dr Rogoyski explained.
Andrew Gilchrist, a senior associate at international law firm K&L Gates LLP, said the response to a cyber breach can only be as good as a company’s preparation for it.
Source: The Independent