Investors Value A Companys Cybersecurity Record

  /     /     /  
Publicated : 22/11/2024   Category : security


Investors Value A Companys Cybersecurity Record


New HBGary report says majority of U.S. investors steer clear of investing in companies that have suffered multiple data breaches -- and they worry more about theft of customer data than intellectual property



SAN FRANCISCO -- RSA CONFERENCE 2013 -- Turns out most U.S. investors are wary of investing in companies that have a history of getting hacked, and they are twice as concerned about those whose customer data was stolen than those whose intellectual property was pilfered.
New data released here today from a survey conducted by Zogby Analytics on behalf of HBGary found that close to 80 percent of American investors said they arent likely to invest in a company that has suffered multiple cyberattacks, and 70 percent would research a publicly traded firms cybersecurity practices and incidents.
The fact that investors and customers care so much about this is why we are starting to see boardrooms take a lot more interest in the security of a company, says Ken Silva, senior vice president for cyberstrategy for the mission, cyber and intelligence solutions group at ManTech International Corp., of which HBGary is a subsidiary.
But investors weigh customer data breaches as worse than theft of IP: Fifty-seven percent said they consider a hack that compromises customer data as more worrisome, while some 29 percent rated intellectual property as the most worrisome.
People can relate to [customer data theft] right now and can feel the shockwave. I think IP theft will start to show itself and its real impact a couple of years from now when stolen intellectual property starts to make its way through the system, Silva says. Thats as opposed to now, when we know its happening, but we havent actually seen the ramifications of it yet like we do with customer data. Were not seeing exact copies of the next tablet coming out before Samsung or Apple, for example, he says.
Cyberespionage concerns are gaining some political clout, with the Obama administration last week announcing
its plans to crack down on IP theft
. And more and more big companies of late are coming clean that they have been infiltrated, including major media outlets like The New York Times, The Wall Street Journal, and The Washington Post.
[Finally, convincing evidence of a long-suspected Chinese military link to cyberespionage against U.S. firms: A prolific and especially persistent cyberespionage group out of China has been tied to the Peoples Liberation Army and has been behind attacks on a minimum of hundreds of companies across 20 major industries mainly in natively English-speaking countries. See
Chinese Military Tied To Major Cyberespionage Operation
. ]
HBGarys report, which gathered data from 405 U.S. investors surveyed, also found that 66 percent of investors said they would likely research whether a company had been fined or disciplined for a security breach.
ManTechs Silva says the most shocking finding of the survey was that 78 percent said they werent likely to invest in a company that had suffered multiple security breaches. Thats an incredibly high number, and that shows just how seriously investors are really taking [cybersecurity], he says.
The report also found that investors care about how companies handle breach disclosure. Given all of the publicity around breaches in the last two years, were almost numb to hearing about it. But when a breach is poorly handled, boy, does it make the headlines, Silva says. If youre hiding it, not disclosing, taking too long to disclose it, or if no one knew for a long time about the breach, that shakes investors confidence in the victim organization, he says.
Silva says investors traditionally have been all about the bottom line, but the survey shows that they are savvy about the potential impact of cybersecurity problems on companies they are looking to invest in: If this says anything, its that cybersecurity is a fiduciary responsibility, Silva says. So boards of directors need to treat cybersecurity as their fiduciary responsibility.
Have a comment on this story? Please click Add Your Comment below. If youd like to contact
Dark Readings
editors directly,
send us a message
.

Last News

▸ Feds probe cyber breaches at JPMorgan, other banks. ◂
Discovered: 23/12/2024
Category: security

▸ Security Problem Growing for Dairy Queen, UPS & Retailers, Back off ◂
Discovered: 23/12/2024
Category: security

▸ Veritabile Defecte de Proiectare a Securitatii in Software -> Top 10 Software Security Design Flaws ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Investors Value A Companys Cybersecurity Record