On average a security breach globally cost about $3.68 million dollars, 6.75 million in Canada and in the united states that cost is $8.64 million. It’s common knowledge that a cyberattack does damage to a company, but it’s not so obvious how a cyberattack may affect a company’s underlying value. Obviously there’s a labour cost to all the employees that will work to fix it but there are many other ways that a cyberattack costs a company money that may not be apparent. This list goes into some of the most common ways that a cyberattack will negatively affect a company’s finances:
Whenever there is a hack at a company that goes public, stock prices tend to take a dip. Usually by about 7.27% on average. If you’re a smaller company or a startup this may not mean much to you but for larger companies this can be a big deal so it’s worth noting. Some common examples of this are Yahoo, Linkedin and Facebook, all of their stock suffered in value following data breaches.
Loss of Customers
Another thing that may happen depending on the nature of the data breach is a loss of customers. Some people may not feel comfortable doing business with a company who’s services went down at a crucial time because of a data breach, especially if it stays down for an extended period of time. A big example of this is when Sony’s playstation network went down for a few months, many people that grew tired of waiting simply switched to xbox or pc gaming. Also, if people’s personal information is stolen and they don’t feel comfortable keeping their data with you then that can be another reason why company’s may lose customers following a data breach.
Cyber Insurance Costs
Just like any other insurance, cyber insurance costs more if your company is considered a bigger risk. If your company suffers a cyberattack it will likely increase the price of your company’s cyber insurance going forward, especially if your company is at fault in some way. The more risky a company is deemed to be from a cybersecurity point of view the more costly cyber insurance will be.
If the customer information that is leaked causes damage or loss of money then your company may have to deal with lawsuits from disgruntled customers. In order to avoid this many companies offer services such as credit monitoring to help protect customers from harm, but either way it’s going to cost you some money dealing with customers if any of them are personally affected by the data breach.
If your company suffered a data breach due to what’s deemed as inadequate security you may face some compliance fees. GDPR as a prime example has collected a lot of money from companies due to non compliance and a data breach is a good reason for the organizations behind these compliance regulations to look at your company more closely. Also, you usually have notification requirements deadlines where you’re required to let these organizations know when a data breach happens and if you don’t meet these requirements that can result in a fine as well.
Another big cost associated with a cyberattack is the business you lose while your services are down. This is very common during ransomware attacks or DDOS attacks. If your business isn’t up and running then you can lose thousands or millions of dollars as a result. This impact is made even worse by the fact that some customers will not wait for you to get back up and running, they will just go do business with a competitor. The average time to contain a data breach is about 80 days, this means you’re going to have company resources working on fixing this issue for about 2 months and for those 2 months you can be losing business.