Security Market Segment LS
Tuesday, 19 March 2019 11:25

How much does a CEO enjoy a cyber breach? Quite a lot, it seems

By

Researchers at Warwick Business School have found that in the five years after a cyber incident, shareholders suffered, but the pay of chief executives increased.

Dr Daniele Bianchi and Dr Onur Tosun, both Assistant Professors of Finance at Warwick Business School, analysed data breaches at 41 publicly listed companies in the US between 2004 and 2016 for their paper, "Cyber attacks and stock market activity."

Focusing solely on breaches reported by the media, including stolen hardware, insider attacks, poor security and hacking, the researchers noted that they occurred at big companies, with an average turnover of US$35.4 billion.

In most cases, it was observed that the share value and liquidity of a firm dropped significantly on the day a breach was disclosed and on the day after, but this vanished after two days.

In general, the breach had a generally long-lasting impact on the way firms were run, as they typically paid lower dividends and invested less in research and development up to five years after the attack, according to the research.

More pointedly, they were no more likely to fire their chief executive. On the contrary, bosses were more likely to receive an increase in total and incentive pay several years after a security breach. In contrast, average CEO pay at firms that were not targeted by hackers fell by more than $2 million per year over the same five-year period.

Bianchi said: "Firms that suffer a data breach do not typically respond by firing the management, but by investing more in the existing CEO. At first sight, these results may look puzzling.

"However, they are consistent with the idea that the average response is to invest more in the management to address possible structural flaws, as well as maintaining the integrity of the firm in response to the reputational damage it has suffered.

"In the long run, security breaches appear to have a more significant impact on firms' strategies and policies than their cash flow."

As an example, the researchers cited the impact on Sony Pictures after hackers Guardians of Peace stole copies of unreleased films, emails, and the personal information about employees and their families in November 2014, and the share price plunged more than 10%.

Dr Tosun said: "Incidents of security breaches that reveal sensitive and confidential information can lead to litigation and government sanctions, but also to a loss of competitive edge against competitors through a reduction of resources dedicated to R&D, dividend payments, or investments more generally.

"For this reason, companies are often reluctant to reveal information about security breaches due to fear of both short-term and long-term market reactions. However, many firms won't have a choice with tighter regulations demanding that firms report data breaches within 72 hours.

"Cyber security will, therefore, become an increasingly important consideration for companies to avoid the damaging fallout once a breach is made public."

CHIEF DATA & ANALYTICS OFFICER BRISBANE 2020

26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more

DOWNLOAD NOW!

David Heath

David Heath has had a long and varied career in the IT industry having worked as a Pre-sales Network Engineer (remember Novell NetWare?), General Manager of IT&T for the TV Shopping Network, as a Technical manager in the Biometrics industry, and as a Technical Trainer and Instructional Designer in the industrial control sector. In all aspects, security has been a driving focus. Throughout his career, David has sought to inform and educate people and has done that through his writings and in more formal educational environments.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments