CGI has unveiled the results of an in-depth economic study entitled ‘The Cyber-Value Connection’, which shows that a typical ‘severe’ cyber security breach represents a permanent cost of 1.8% of a company’s value (as measured relative to a control group of peer companies). For a typical FTSE 100 firm, this equates to a permanent loss of market capitalisation of £120 million, signalling a significant loss of value for shareholders.
“As duly identified in CGI’s Global 1,000 Outlook report, cyber security remains a top priority for businesses, but business leaders, policy-makers and investors still have much work to do when it comes to taking cyber security risk far more seriously,” stated Andrew Rogoyski, vice-president of cyber security at CGI in the UK, in conversation with The Paper.
Rogoyski continued: “We’re beginning to see City analysts, venture capital firms and credit ratings agencies factor cyber security readiness into the way in which they assess firms. This is positive and should encourage Boards across the world to treat cyber security as an enterprise-wide risk.”
The study is based on economic modelling from Oxford Economics, which conducted an ‘Event Study’ analysing a sample of public cyber security breaches since 2013 across seven global Stock Exchanges based on information collated from the Gemalto Breach Level Index. A sample of 65 ‘Severe’ and ‘Catastrophic’ cyber security breaches was then analysed to indicate the impact of these more significant attacks on company share price performance.