Linking Breaches, Brand Reputation & Stock Prices
Data breaches can damage brands and cause stocks to tank, but many IT practitioners and CMOs don’t think their senior management understands the connection.
Stock prices drop an average of 5% immediately after a data breach is disclosed.
Companies that reported superior security postures and responded quickly to a breach recovered their stock value after an average of seven days. Those with poor security postures that did not respond quickly saw their stock price decline for an average of more than 90 days.
The difference in the loss of share price between companies with a low security posture and those with a high security posture averaged 4%.
31% of consumers in the survey said they discontinued their relationship with a company that had one data breach. Of those consumers, 65% said they lost trust in the breached organization.
Of the 113 companies sampled, 2% had low customer loss rates and an average revenue loss of $2.67 million. Those that lost more than 5% of their customers had average revenue losses of $3.94 million.
Loss of brand value is the biggest cost of a security breach for 71% of CMOs, whereas only 49% of IT practitioners see brand diminishment as the biggest cost.
A data breach is a top threat to the reputation of a company and its brand value, but 45% of IT practitioners and 42% of CMOs don’t think brand protection is taken seriously in the C suite.
66% of IT respondents don’t think it’s their responsibility to protect their company’s brand. Of these, 50% do believe that a security incident would diminish the brand value of their company.
37% of CMOs said part of their marketing and communications budget goes toward brand preservation, but only 21% of IT practitioners allocate a portion of IT’s security budget to brand preservation.
80% of the consumers surveyed believe companies have an obligation to secure their customers’ personal information, but only 49% of CMOs and 48% of IT practitioners agree.
71% of consumers believe companies are obligated to control access to their personal information, but only 47% of CMOs and 46% of IT security practitioners agree.
80% of consumers said they trust healthcare providers to preserve their privacy and protect personal data, but only 26% of consumers trust credit card companies. Yet healthcare companies account for 34% of all data breaches, while financial organizations account for only 4.8%.