From organizations paying massive noncompliance fines to consumers shunning companies they perceive as insecure, we’ll break down the impact of cyber attacks on businesses and individuals from businesses’ and consumers’ perspectives.
Hardly a day goes by without a new cyber attack or data breach making headlines in the press. It shouldn’t come as a surprise that cyber attacks on businesses (and the data breaches that typically follow) wreak havoc on the targeted organizations and their consumers. But what kinds of negative impacts or effects do these acts of aggression have on their targets and their targets’ stakeholders?
Let’s dig into the data and look at 12 of the top negative effects cyber attacks have on businesses and individuals.
This blog post will explore the impact of cyber attacks and data breaches on businesses.
Organizations Globally Have to “Dig Deep” as They Continually Battle Rising Breach Costs
As has been the case for many years, businesses and organizations in the U.S. continue to face the highest data breach costs globally. Data from IBM’s 2022 Cost of a Data Breach (CODB) report (conducted by Ponemon Institute) shows that U.S. organizations are being slammed with an average data breach cost of $9.44 million per incident. This is more than double the average cost when compared to the rest of the global community ($4.35 million).
Let’s compare this to previous years…
Data source: The data used to create this graph was gathered from IBM and Ponemon Institute’s Cost of a Data Breach reports from 2018-2022.
Of course, there are plenty of other direct and indirect costs and effects of cyber attacks and data breaches to consider…
Lost Business Opportunities Cost Organizations an Average of $1.52 Million
Data from IBM’s 2022 Cost of a Data Breach (CODB) report shows that while it’s not the leading data breach cost factor, lost business still costs organizations a pretty penny annually. This category of data breach costs includes the effects and activities relating to:
- Business disruptions
- Lost or damaged reputation
- Downtime
- Revenue losses
- Attempts to minimize customer losses, and
- New customer acquisitions (to replace those lost)
As we’ll address a little later in the article, these hits take a toll on organizations by helping consumers determine where they do (and don’t) want to spend their money.
76% of Organizations Experienced Downtime Due to Cyber Attacks and Other Issues
Yikes. As Acronis reports in its Cyber Protection Week Global Report 2022, more than three-quarters of surveyed organizations faced downtime in the last year for at least one of several reasons:
- System crashes (52%)
- Human error (42%)
- Cyber attacks (36%)
- Insider attacks (20%)
To put this in perspective, this represents a 25% increase over the numbers reported in their previous year’s report.
But what are some of the most common, specific causes of downtime or outages for your network, IT systems, or website?
- Expired SSL/TLS certificates (NOTE: here’s how to fix it if your digital security certificate has expired)
- Ransomware attacks
- Distributed denial of service attacks (DDoS attacks)
Effects of Data Breaches Extend to Companies’ Stock Market Performance
Another one of the negative effects of cyber attacks and data breaches on businesses can be seen on Wallstreet. In 2021, Comparitech analyzed the stock performance and share prices of 34 breached companies that were listed on the New York Stock Exchange (NYSE), which experienced a total of 40 breaches. What they discovered was that breached companies underperformed compared to the NASDAQ (using its performance as the baseline). The companies’ average share prices fell:
- 8.6% after one year.
- 11.3% after two years.
- 15.6% after three years.
Organizations Must Increasingly Look Inward as 19% of Data Breaches Involve Insiders
It’s common sense that organizations should be doing all they can to protect their IT systems and data from external threats. After all, Verizon’s 2023 Data Breach Investigations Report (DBIR) shows that 83% of data breaches resulted from external actors. However, that doesn’t mean organizations can be complacent about internal threats (i.e., intentionally malicious users and unintentional situations [read “oops”]), which are involved in nearly one of every five analyzed data breaches.
External threat actors can blackmail or manipulate employees into doing things they don’t want to do. But in some cases, your employees may just choose to “color outside the lines” and do bad things for whatever reason — money, revenge, or maybe just because they can. Knowing this, regardless of the “why,” organizations increasingly need to monitor and improve their day-to-day security management strategies and practices. This includes:
- Implementing strong digital identity management and access controls,
- Utilizing best-in-class network and website security tools,
- Providing regular, mandatory cyber security awareness training.
Cyber Attacks Further Burden Businesses’ Taxed Supply Chains
Data source: A joint cyber security advisory from the Federal Bureau of Investigation (FBI), Food and Drug Administration Office of Criminal Investigations (FDA OCI), and the U.S. Department of Agriculture (USDA).
It’s no secret that we’re living in a time of food shortages and supply chain issues, following the past few years of COVID-19 global restrictions and ongoing economic crises. But did you know that cyber attackers are, in part, contributing to this problem?
In December 2022, an alphabet soup of several federal agencies (FBI, FDA OCI, and USDA) released a joint cybersecurity advisory that details how cybercriminals are using business email compromise (BEC) scams to steal valuable food products and ingredients. The report listed more than $1 million in reported losses to suppliers and distributors.
As you can imagine, the affected businesses aren’t going to want to shoulder those costs on their own. So, what ends up happening as a result? I’ll give you one guess…
60% of Organizations Report Raising Their Prices After a Data Breach
As if customers aren’t dealing with enough already with looming inflation and global economic recessions, three in five organizations surveyed in IBM/Ponemon Institute’s CODB 2022 report said they had to pass data breach costs along to customers in the form of higher product and service costs.
So, not only are cybersecurity prevention and response costs already often baked into companies’ existing product and service prices, but now those prices increase when those security mechanisms fail. Unfortunately, this means consumers’ and end-users’ wallets are left to take the hits.
Alright, it’s time to wrap up our list of the negative effects of businesses. It’s time to switch gears and look at things from the perspective of your consumers…
In conclusion, the impact of cyberattacks and data breaches on businesses is profound and far-reaching. These incidents can disrupt operations, damage reputations, and result in significant financial losses. Beyond the immediate financial and operational consequences, the erosion of customer trust and the potential legal and regulatory ramifications can have lasting effects.
Businesses must recognize that the digital landscape presents both opportunities and threats. While embracing technology and the advantages it offers, organizations must also prioritize robust cybersecurity measures. This not only involves prevention but also detection, response, and recovery strategies.
In our upcoming article, we will delve into how cyber attacks affect individuals.
