Beneath The Surface | Deloitte US has been added to your bookmarks.
Beneath the surface of a cyberattack
A deeper look at business impacts
Do leaders accurately gauge the impact a cyberattack can have on their organization? Do common assumptions about the costs and recovery process associated with data breaches paint a clear picture? This paper considers—in financial terms—the broad and extended business impact of cyberattacks, including both direct and intangible costs.
- Assumptions can be misleading
- Cyberattack impact factors
- Watch the video
- View the infographic
- Impacts of cyberattack
- View the infographic
- Cyberattack readiness
- Learn more
- Meet the authors
- Join the conversation
- Related topics
Assumptions can be misleading
Common perceptions about the impact of a
What does a
Look behind the scenes in two sample scenarios and see how business performance can be challenged over a multi-year period when a cyberattack occurs. In one case, a
Fourteen cyberattack impact factors
To gauge the potential impact of a cyberattack, there are 14 impact factors that business leaders should consider. “Above the surface” are direct costs commonly associated with data breaches. “Beneath the surface” are potential impacts that are less understood and rarely revealed to the public eye, many of which are intangible costs that are difficult to quantify, including damage to trade name, loss of intellectual property, or costs associated with operational disruption.
Video: Beneath the surface of a cyberattack
The long trail of cyberattack impacts
Beyond the initial incident triage, there are impact management and business recovery stages. These stages involve a wide range of business functions in efforts to rebuild operations, improve cybersecurity, and manage customer and third-party relationships, legal matters, investment decisions, and changes in strategic course.
Cyberattack readiness: From fear to confidence
Prepared with a more realistic understanding of the potential impact of a cyberattack, executives can invest in risk-focused programs to be more secure, vigilant, and resilient, and gain greater confidence in their organization’s ability to thrive, even in the face of a cyber crisis.