Information security incidents have cost enterprises more than $US200,000 in the last year, while the average cost incurred per incident by small and medium-sized businesses was more than $US8,000.
Over 5,500 IT specialists from 25 countries participated in the study by Kaspersky Lab, with more than half (57 percent) admitting that these incidents had a negative impact on their company’s reputation.
Kaspersky Lab found that every second company affected by a data leak as a result of an information security incident suffered reputational damage.
Reputation damage depends directly on whether or not the incident becomes public knowledge with 22 percent of respondents stating that information about an incident at their company had leaked to the media and been made public.
“In a highly competitive environment, successful businesses are built on more than just efficiency and product or service quality,” says Konstantin Voronkov, Head of Endpoint Product Management, Kaspersky Lab.
“Having the trust of customers and partners can yield higher profits, and a spotless brand reputation plays a key role in establishing that trust.
“The loss of consumer confidence in a business often leads to lower profits, and sometimes to bankruptcy.”
Voronkov says the extent of reputational damage can be measured by the amount a company has to spend to restore its image - for example, every fourth company (24 percent) was forced to seek assistance from external PR consultants.
Interestingly, over the last three years, Voronkov says businesses have begun to pay more attention to a positive reputation.
Compared to 2013, the number of those turning to third-party communication consultants for help has increased by more than five percent.
“It doesn’t matter how big or small your company is - a damaged reputation can harm any business equally,” Voronkov adds.
“In these circumstances, it is important to take all possible measures to ensure information security.
“Complex multi-tier protection of every element of the corporate IT infrastructure will help safeguard the company from both information leaks caused internally and hackers penetrating the network.”