Seven hidden costs of a cyberattack


Seven hidden costs of a cyberattack

There are many ways a cyberattack can affect— and cost—an organization, and the impacts will vary depending on the nature and severity of the event

Executive Summary

Common perceptions, however, are mostly shaped by what companies are required to report publicly—primarily theft of personally identifiable information, payment data, and personal health information. Discussions tend to focus on costs related to customer notification, credit monitoring, and the possibility of legal judgments or regulatory penalties. And thanks to important work done in this area, the industry is generally converging on the calculation of a “cost per record” for consumer data breaches.

Rarely brought into full view, however, are cases of Intellectual Property (IP) theft, espionage, data destruction, attacks on core operations, or attempts to disable critical infrastructure. Beneath the surface, these attacks can have a much more significant impact on organizations and lead to additional costs that are both more difficult to quantify and often hidden from public view. A new Deloitte study, “Beneath the surface of a cyberattack: A deeper look at business impacts,” recently outlined the depth and duration of cyber incidents in financial terms.² In this issue of CFO Insights, we’ll focus on seven costs that are not typically apparent and why it is important to include them in calculating the total cost of a cyberattack.

Inside Magazine - Issue 15 - June 2017

Inside is Deloitte’s quarterly magazine offering an exclusive insight into best practices, trends and opportunities faced by our clients across all industries.

Inside focuses on the main hot topics relevant for the market (Asset management, Banking, Insurance, Public sector, Healthcare, Private equity, Real estate, TMT, Manufacturing and consumer business, Transport and logistics).

Did you find this useful?