How Poor Cybersecurity Can Affect Brand Reputation

Reputation 

What assets first come to mind when considering a business? Perhaps tangible assets or physical properties – perhaps cash accounts, buildings or land.  

Take a moment to consider this - reputation. Any business only runs as smoothly as its reputation allows, and irrespective of the quality of services or the efficiency of infrastructure in place to assure a successful enterprise, if brand reputation is poor, the business will not thrive. 

One of the biggest cybersecurity concerns for any business with an online presence is the affect is could have upon its brand reputation. EMEA CTO of Veracode, Paul Farrington, stated the following in and interview with Intelligent CIO Europe: 

“Reputation is an immeasurable asset to any company. A survey by Gemalto of 10,000 individuals found 70% would stop doing business with a company that had experienced a data breach. Not only does it increase sales and aid with employee retention, it also impacts a company’s valuation and plays a vital role in the level of customer trust created through a brand’s identity.” 

““Although cybersecurity incidents make headlines daily, companies still aren’t doing enough to act on vulnerabilities that could be detrimental to their reputation. Only 58% of businesses have taken action towards implementing five or more of the government’s 10 Steps to Cyber Security. In a GDPR world in which the average business is aware of data security best practices and look to partner with businesses they trust to help them prevent attacks, it is vital companies have the ability to demonstrate verifiable processes they take to secure their software.” 

So, what exactly are the brand reputation risks posed by poor cybersecurity and what can be done to mitigate them?  

Types of cyber-attacks and their impacts 

• Data breaches/Leaks 

The biggest destructive impact of a data breach is arguably the impact upon the brand’s reputation. Tim Orchard, the managing director of F-Secure states, 

“Perceptions of inadequate cybersecurity can have a huge impact on a company’s reputation, especially in the event of a data breach or other security incident. 

The TalkTalk data breach is one of the most high-profile examples. The company took an enormous amount of negative press as a result and its share price plummeted more than 20% in the following weeks. The breach cost the company more than £77 million in total, including a £400,000 fine from the Information Commissioner’s Office.” 

Not only will the business suffer the consequences of leaking the sensitive data in terms of fines and potential sanctions from governing bodies, the negative press and public backlash will destroy the brand’s reputation and integrity, amounting to huge losses in future customers and revenue. 

• Denial of Service attacks (DDos) 

Denial of service attacks are a construct in which a site is bombarded with traffic/requests to slow it down or take it offline. 

DDos attacks can not affect brand reputation in two main ways – both pertaining the denial of service to customers. If a customer is trying to navigate a site, which is painfully slow as a result of DDos requests/traffic, the chances that the customer will finalize their surfing of the site with a purchase of an item or service are low. Not only this, but if the site running slowly and resulting in poor user engagement is regular occurrence, the chances these potential customers will return to the site is slim. Furthermore, sites such as Trustpilot will soon be bombarded with negative reviews, customers experiencing crashes or long wait times will report this and the brand reputation, consequently, will be damaged. 

In extreme cases in which a site is taken completely offline, any customer trying to access it will be sure to not try again, especially if review sites as mentioned above note that services are down often. 

• Phishing Adverts on the site 

One of the most integral parts of any ecommerce website or business operating online is the look and feel when surfing the site, as mentioned above. If a business allows for third party advertising on their site, this needs to be adequately monitored and vetted. 

Poor choices in advertising campaigns on a site can be extremely destructive to the integrity and reputation of the brand. Most potential customers would be instantly deterred from surfing the site if the landing page was littered with inappropriate adult adverts, but this is not the only instance which could weaken brand reputation. Gambling adverts, alcohol, smoking, even just adverts pertaining to a domain completely irrelevant to the one it links from are not wise. 

Finally, and most importantly, some advertisers could actually be running phishing scams via adverts on the site. Upon clicking a link on the business’ page, customers could fall prey to malware being downloaded on their device, or being led to a site which will steal their credentials, or grab their IP address. The responsibility of this cybercrime would fall on the site which advertised the scam, and brand reputation would be extremely damaged. 

Securiwiser can help a business  stay safe in the cyber world via its daily monitoring of cyber threats, including those raised in this article. Start your free trial today by clicking here.