Data breach incidents can be catastrophic for any organization, resulting in large fines, loss of user or customer trust, and public image damage. However, a recent research conducted by information security specialists has found that these incidents could in fact be beneficial for some companies.
As you may recall, a data breach involves unauthorized access or disclosure of personal information records. Most countries have legislation applicable in these cases, although not all governments in the world similarly punish such incidents.
Information security specialists stress that
any company could be impacted by such incidents, as it does not influence
whether they are public or private organizations and no matter the industry
sector to which the company belongs. Whether it’s airlines, banks, public
institutions and e-commerce
sites, they’re all exposed to a data breach.
One of the main indicators for measuring the
impact of a data breach on a company is the price of its shares. Information
security services firm Comparitech has conducted an analysis of some companies
listed on the US stock exchange for the purpose of determining the impact that
a data breach has on the stock performance on a compromised company.
From the study of 33 different cases, the
researchers found that, on average, a company affected by a data breach lost
7.3% of the value of its shares; in the worst cases, stocks could fall for up
to 15 consecutive days.
Yes, this is an undesirable scenario, although
the investigation took a surprising turn. About six months after the incident,
all affected companies achieved even higher growth than in the six months prior
to the data breach (an average of 7.1% compared to previous growth of 4%).
In addition, researchers found that the more
recent the data breach is, the larger it causes a decline in the price on the
shares of the affected companies. For the companies concerned, financial
institutions were the hardest hit, while health care companies suffer to a
lesser extent the financial impact of these incidents.
According to information security specialists
from the International Institute of Cyber Security (IICS) one of the possible
causes of this revaluation is the way in which companies handle these
incidents. After suffering a data breach, a company can update its security
policies and practices, in addition to its IT infrastructure, to finally
undergo audits that demonstrate an improvement in its it security systems,
supporting its growth after completing cybersecurity incident recovery
However, Comparitech experts recognize that
their research only focuses on analyzing the price of a company’s shares, adding
that other variables, such as legal proceedings against affected companies,
also influence performance in the stock exchange.