The Impact of a Cyber-Attack
The impact of a cyber-attack can be devastating to a company and its customers. We see it far too often in the news now days. Some retailer, bank, the government, or any business with a computer is put at risk of divulging information because someone found a way into their private, firewalled system/network. Some of the hardest hit companies like Target, US Bank, Bank of America, PNC Bank, EBay, and Domino’s. Most recently the IRS and US Office of Personnel Management (OPM) servers have been breached. All of which now have to take measures to prevent an attack from happening to them again. However, there is a lot more to it than fixing the problem.
Software upgrades are essential. Improved training employees specific to cyber security and deeper background checks on new hires will need to become standard practice. Continuous monitoring and auditing will be required. These are all an added cost to these corporations (and government).
All of these companies have had to issue apology letters to all of their customers. In that letter they explain how they are going to try to prevent future attacks. They also state that if there are any costs to the customer regarding repairing their credit, they will take care of those costs. If they have a card (ie Target Check Card, bank issued VISA) that was used, the companies will reissue the cards with new account numbers. If a credit card was used in a retail establishment (ie Master Card used at EBay or Domino’s), the customer would need to ask for their credit card company to reissue a card with a new account number. This costs money and time.
Vital personal information was stolen from the IRS and the OPM. The data taken may include Names, Social Security numbers, dates and places of birth, Job assignments, training files, performance rating, and current and former addresses. They are offering the same as public corporations; however, there is a much deeper issue that needs to be addressed. Many are claiming China is to blame for the data breach. If it was China, North Korea, or whatever government, the fact remains the data stolen and it has information on Secret Service officers, secretaries of high ranking officials and cabinet members, pretty much anyone who holds a federal security clearance. This is a big problem and the expense to rectify it will be in the millions possibly billions.
So, we have costs of new/updated software, training and training plans, background checks, monitoring, auditing (internal and external), sending letters/notices to customers, repair of customer credit, and reissuing of credit/debit cards, but who absorbs these costs? Initially, the companies take on these costs. In the long run, the consumer ends up paying for it all out of their pocket. The costs are always going to trickle down to the little guy.