Investors want light shed on digital intruders
Companies loathe disclosing cyber-attacks. Beyond the effect on stock price, estimating the cost and materiality of economic espionage can be problematic and just as humiliating as admitting to breaches of customer data.
With the US government pushing for increased sharing of threat information from the private sector, a new Zogby Analytics poll finds investors are also demanding more transparency about corporate cyber-security.
Commissioned by Sacramento-based ‘incident response solution provider’ HBGary, the nationwide survey of more than 400 US investors finds two thirds of them feel corporate responses to cyber-attacks are more noteworthy than the actual attack.
In addition, more than 70 percent of US investors are interested in reviewing public company cyber-security practices and nearly 80 percent would most likely not consider investing in a company with a history of cyber-attacks.
‘This survey proves that today’s investors are more educated about the damage cyber-attacks can cause to a company’s brand and financial bottom line,’ says Ken Silva, senior vice president of cyber-strategy for HBGary parent ManTech International Corporation in a press release. ‘The high cost of cyber-attacks cannot be underestimated’.
The survey also reveals two thirds of investors are likely to research whether a company has been fined or sanctioned for previous cyber-security incidents. Investors are almost twice as concerned about companies that have had a breach of customer data (57 percent) as they are about theft of intellectual property (29 percent).
Meanwhile, a recent University of Texas study finds investors in internet firms are more likely to react negatively to public media revelations of cyber-security breaches than investors in non-internet firms. The paper’s author argues that’s because investors hold internet company managers to a higher standard in implementing effective countermeasures.