Early Versus Late Data Breach Outcomes

Published: 19 May 2016

Francis Washington, The Fraud Tube Presentation Notes

By Catherine Jamieson


A couple of years back we spent some time looking at the outcomes for companies that were the victims of cyber breaches. This work became the 'blog that never was'.


When we extended the time frames we found that early breach victims followed a similar six-month pattern:

  • Share Price took a heavy hit on announcement.
  • Senior Executives lost their positions.
  • Security became a short term focus.
  • New leadership focused on getting customers back through discounts and deals.
  • Sales Volume recovered.
  • Share prices recovered and improved compared to like competitors.

In other words, six months after the attacks they were in better shape than their competitors.

We came to the conclusion that companies with the weakest security experienced the first wave of data breaches. The subsequent shake-up was just what those companies needed, and as a result they did better in the end.

Their competitors would have reviewed their security, but without the personnel churn at the top.

Customers got used to breaches, and then became increasingly fed up with them. They consider big companies to be mostly the same, and therefore price and service returned as the key buying factors.

Fast forward to today. How are today's breach victims getting on? The picture is grim. We spent some time looking at the outcomes for TalkTalk, and found these key differences:

  • No Senior Staff Changes.
  • Share price starting to show gentle recovery, but still well below the pre-breach level (29 months later).
  • Around 100,000 customers lost and not replaced (157,000 customer details breached).
  • Profits not recovering.
  • The loss of between £40M (Board) and £65M (Press) is still a major factor.

Some Conclusions

Retail organisations in previously good health can bounce back by heavily discounting stock. Service organisations don't have that luxury: they don't have stock to lean on, and market forces are setting the general price level. Organisations that rely on their reputation for confidentiality are suffering the worst. The ICO investigated 173 law firms regarding data breaches in 2014; this culminated in this Information Commissioner Warning. In 2015 law firm warnings were running at 15 per quarter.

There is a constant cycling of who is at the bottom of the pile security-wise. This drives the need for constant vigilance. Osirium is more about prevention of breaches than detection. Osirium helps prevent the external attacker and deter the internal wrongdoers.

Osirium provides 'PxM' or Privileged x Management, where the x can be any of user, account, access, analytics, task or session.
