close icon
Home Page
Products

Products

PAM logo
Privileged Access Management
PEM logo
Endpoint Privilege Management
PPA logo
Automation
Industries

Industries

school_line
Education
bank_line
Finance
government_line
Government and Defence
hospital_line
Healthcare
computer_line
IT Operations
settings_5_line
Industrial Control Systems
briefcase_line
Legal
store_2_line
Retail
Partners

Partners

Resellers and Distributors
Partner marketing support
Partner opportunity
Resources

Resources

tool_line
Free Tools
bookmark_line
Blog
file_search_line
Case Studies
usb_line
PAM Integrations
video_line
Videos
Webinars
paper_line
White Papers
book_2_line
Osirium University
news_line
Documentation
Company

Company

IDcard_line
About
news_line
News & Events
Team
Investor Hub
Software reviews gold medal
See the report
search_3_line
BOOK A DEMO
All posts
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Prev
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
Next
19
May 2016

Early versus late data breach outcomes

Andy Harris

We spent some time looking at the outcomes for companies that were the victims of cyber breaches, comparing those who experienced early data breaches to those who experienced late data breaches.

Early breaches

When we extended the time frames, early data breach victims followed a similar six-month pattern:

  • Share price took a heavy hit on announcement
  • Senior Executives lost their positions
  • Security became a short-term focus
  • New leadership focused on getting customers back through discounts and deals
  • Sales volume recovered
  • Share prices recovered and improved compared to competitors.

In other words, six months after the attacks businesses were in better shape than their competitors. Companies with the weakest security experienced the first wave of data breaches. The net result was that the subsequent shake-up was just what those companies needed, and as a result, they did better in the end. Their competitors would have reviewed their security, but without the personnel churn at the top.

Customers got used to data breaches and then increasingly fed up with data breaches. They consider big companies as mostly the same, and therefore price and service returned as the key buying factors.

Late breaches

Fast forward to today, and data breach victims are suffering. Taking TalkTalk as an example, we found these key differences:

  • No senior staff changes
  • Share price starting to show gentle recovery, but still well below the pre-breach level (29 months later)
  • Around 100,000 customers lost — and not replaced. (157,000 customer details breached)
  • Profits not recovering
  • The loss of between £40M (board) and £65M (press)

Retail organisations in previously good health can bounce back by heavily discounting stock. Service organisations don’t have that luxury; they don’t have stock to lean on and market forces are setting the general price level.

Organisations that rely on their reputation for confidentially suffer the worst. The ICO investigated 173 law firms regarding data breaches in 2014, culminating in this Information  Commissioner Warning, warning barristers and solicitors to keep personal information secure. In 2015, Law Firm warnings were running at 15 per quarter.

There is a constant cycling of who is at the bottom of the pile security-wise. This drives the need for constant vigilance. Osirium PAM is about prevention of breaches, rather than detection. We help prevent the external attacker and deter the internal wrongdoers.

If you’d like to find out more about Osirium PAM, get in touch.

‍

Related Topics

Privileged Access Management
Manager
Audit, Compliance and Governance
all posts
Top
Home Page
cyber essentials certified badge
Industries
EducationFinanceGovernment and DefenceHealthcareIT OperationsIndustrial Control SystemsLegalRetail
Company
AboutTeamBoard of DirectorsInvestor HubJob Opportunities
Resources
Free ToolsBlogPAM IntegrationsVideosWebinarsWhitepapersDatasheetsDocumentationCase Studies
Support
Support PortalOsirium University
© 2023 OSIRIUM. All rights reserved.
AccessibilityPrivacy PolicyEULATerms of ServiceSitemap