American businessman and philanthropist, Warren Buffett, once said: “It takes 20 years to build a reputation and five minutes to ruin it. If you think about that, you’ll do things differently.”
This quote couldn’t be more relevant today with regards to how much damage cyber-attacks can cause in as little as five minutes.
The devastating effects of cyber-attacks
Cyber-attacks can cause all sorts of problems for financial management firms. It’s not just the fact that once a breach has occurred the company will likely incur operational down-time in their day-to-day activities which will cost them financially as well as the cost of the cyber-security improvements to fix this. According to a report by Kaspersky, 40 per cent of all the financial losses a business incurs following a cyber incident comes down to reputational damage alone and according to a study reported by Forbes in 2019, a security breach can lower a company’s share price by 7 per cent.
Reputation is hugely important for financial management firms. The relationship between clients and firms relies on the client trusting the firm with highly sensitive and confidential information. In addition, people trust word-of-mouth and recommendations from friends. Today, thanks to technology, customers and potential customers have access to online reviews, social media, and forums to do their research on who they want to do business with and which companies they want to trust their information with, or give their money to.
Cyber-attacks are increasingly on the rise
The Covid-19 pandemic led to an increase in people working from home as well an increase in electronic trading in the financial industry. As Cyber security experts predicted, cyber-attacks also increased and according to cloud technology firm VMware, attacks against the financial sector increased 238 per cent globally from the beginning of February 2020 to the end of April, with 80 per cent of financial institutions reporting an increase in cyberattacks. Cybercriminals look for the maximum impact and maximum profit which means that Financial Management Firms that keep highly valuable data are a prime target.
Customers and clients need to be able to rely on the companies they choose to be able to keep their information safe and secure. This is particularly true of financial firms. When cyber-attacks have happened in the past it is not just money that cyber-criminals have stolen, but data, passwords, addresses, birthdates, and credit card numbers all of which can be detrimental to the customers affected.
The financial implications
In 2016, the UK’s Financial Conduct Authority (FCA) gave out its first fine in response to a cyber-attack. The authority fined Tesco Personal Finance plc (Tesco Bank) £16.4m for its failures which allowed cybercriminals to use an algorithm to generate authentic primary account numbers of debit cards issued by Tesco Bank. They then used these to make contactless transactions from Brazil and stole £2.26m from 9,000 customer accounts in the space of 48 hours.
Since then, there have been other notable cyber-attacks and not only have the companies had to deal with the devastating effects of this, but they have too incurred fines from the FCA.
According to the Government’s Cyber Security Breaches Survey 2021, last year saw an “increase in the proportion of businesses with some form of cyber insurance.” The report stated that “one of the drivers behind this uptake is the framing of cyber security breaches as an existential threat to organisations – they recognise that they may not have enough money in the bank to fund a recovery, or the specialist skills to deal with incidents or reputational damage on their own.”
Trust is key
IBM’s 2020 Cost of a Data Breach Report found that “Lost business costs accounted for nearly 40 per cent of the average total cost of a data breach, increasing from $1.42 million in the 2019 study to $1.52 million in the 2020 study. Lost business costs included increased customer turnover, lost revenue due to system downtime, and the increasing cost of acquiring new business due to diminished reputation.”
For any business to succeed, trust is key. If a financial firm loses its customers’ trust, then it may never recover from this. Part of this is also how a company handles a data breach or cyber-attack and being dishonest about it or not disclosing the full details of an incident can cause an even great loss of trust.
Do you know whether you’re covered in the event of a cyber attack?