A Deeper Look at the Financial Impact of Cyber Attacks
As large-scale instances of data theft — including theft of credit card records and personally identifiable information (PII) — are becoming more frequent, corporate executives and financial leaders are giving greater attention to the “cost” of cyber breaches. Are they looking at the breach, which typically categorizes data theft, or are they addressing “cost” as it relates to the entirety of the impact of a cyber incident to the enterprise?
Cyber incidents are becoming so widespread that some of the associated costs are fairly well anticipated, and are increasingly accepted as part of the risk of doing business. Direct costs can include those associated with customer notification, post-breach assurance programs, regulatory fines, public relations, technical analysis and remediation, and litigation, to name a few of the obvious.
Recognizing the growing cyber threat landscape, many finance and risk officers are responding by increasing budget allocations for IT security programs and investing in cyber insurance. While these commitments may be necessary to improve protection against certain kinds of losses, if made in the absence of a more comprehensive cyber risk program, they can leave an organization unwittingly exposed to far more consequential financial damage...
- Tags:
- and build “denial of service” attacks
- chief financial officers (CFOs)
- collaboration
- cost of cyber attacks
- cost of sales
- customer retention
- cyber attacks targeting industrial control systems in the energy industry
- cyber insurance
- cyber risk profile
- cyber wargaming and simulation events
- data breach
- data theft
- Department of Homeland Security (DHS)
- direct costs
- effective cyber risk programs
- electronic health records (EHRs)
- Emily Mossburg
- enterprise risk program
- Industrial Control Systems Cyber Emergency Response Team
- intellectual property (IP) theft
- Internet of Things devices
- legal costs
- operational destruction
- organizational disruption
- payment data
- Personally Identifiable Information (PII)
- preparedness posture
- public relations costs
- rippling costs
- Risk & Insurance Management Society (RIMS)
- risk-prioritized security controls
- strategic initiatives
- theft of credit card records
- threat awareness
- visibility to monitor and detect when a compromise is in progress
- Login to post comments