As the financial leader of your company, you know that customer data, employee data, and intellectual property, are not just your greatest assets, but also, the key targets of cyber attack. While inclined to take any and every measure possible to protect your company’s valuation and assets, once it comes down to truly analyzing the numbers, it is a complex challenge in cost containment when you consider the growing number of potential systems to implement, regulations to keep up with, and profound web of risks to ongoingly quantify and mitigate.
For a CFO in the modern IoT-driven market, cyber security may now be the single most influential points to consider when evaluating insurance needs and how to protect your company’s valuation, proprietary claims, and financial health.
Examples of Corporate Breaches
- In 2015, a hacker group known as the “Guardians of the Peace” lifted over 100 terabytes of information from Sony Pictures Entertainment’s servers; employees’ social security numbers were obtained, a number of sensitive emails dispersed for public view, and unreleased films leaked across the internet. The result: Sony suffered over $41 million in losses and the incident negatively impacted US – North Korea relations for years to come.
- In 2012, the German company SolarWorld was infiltrated by a group of Chinese hackers through IP theft. The criminals were able to swipe valuable proprietary research in addition to sensitive personal information from executive chiefs, giving Chinese competitors significant advantage over the German company. The breach cost SolarWorld AG a staggering 35% on the market translating to a loss of €178 million.
- In 2014, hackers gained access to nearly 56 million payment cards and close to as many emails while also successfully breaking into and infecting Home Depot’s sales devices. In addition to the $200 million in insurance payments to customer casualties, Home Depot took a $300 million loss, was constrained to hire hundreds of new staff, and required to dole out enormous loads of cash for fines, upgrades, and legal fees.
These challenges notwithstanding, the need to prioritize and operationalize the cyber security of your company is becoming increasingly critical. 2018 data cited by Whitehouse.gov and the Ponemon Institute show that an average firm will suffer 130 security breaches a year and that the average cost of a cyber attack in 2018 was $3.86 million. Still, this number does not fully capture the magnitude of loss when considering the additional aspects that one cyber attack can impact: there are costs for repairs to systems and operations, incentives to rebuild company reputation and valuation, monetary allocations to future security measures, increased insurance premiums, and hard-hitting losses to revenue and stock price.
So how do you, as your company’s fiscal captain, decide:
- What measures are worth the investment while still ensuring that overarching organizational behavior remains channeled toward revenue generation?
- To what extent do you fund resources in a never-ending game when cost containment simultaneously remains a priority?
- How do you operationalize, prioritize, and invest for the security of your company’s future while continuously improving your company’s valuation and reputation in the world today?
How We Can Help
Maxxsure tools provide an understanding for your company’s specific needs for risk mitigation so that you can make informed decisions with the confidence that you are protecting your company, partners, shareholders, and consumers with quantifiable data with expertise. By using a holistic model based on a 6-pillar foundation for building a cyber security profile, Maxxsure quantifies your cyber risk with its M-Score while arming you with a sustainable and repeatable process for managing remediation, monitoring, and transference. Moreover, Maxxsure’s metrics generate a unique diagnostic for your company, complete with controls that serve as guardrails so you can focus your resources in the most effective ways. By identifying your company’s vulnerabilities and helping you to optimize your resources, Maxxsure’s far-reaching security tools and controls allow for your company to operate at full-speed so that you can maintain company focus on revenue generation.
To be sure that you can drive company focus to where it matters, you will always be partnered with expertise from Maxxsure. The Maxxsure team will supplement your use of their M-Score and Dashboard with advisory services on how to forge a path to operationalizing a Risk-Aware LifestyleTM. This entails providing direction on how to prioritize tasks, defining what measures to adopt and when to apply them, and identifying what remaining risk to transfer through purchasing cyber risk insurance.
Take Control Today
The time is at hand to inform yourself and your company on your cyber security risk and to identify opportunities for improvements. The SEC has recently issued a statement calling for all publicly-traded companies to disclose cyber risk factors and vulnerabilities in a timely manner, responding to those companies who have failed to do so in due time with fines and fees. While the article presents an added measure for CFO’s to undertake, this warning spawns from the indisputable risk that cyber attack imposes upon all industries. It is now necessary for your company’s entire senior leadership team to unite at the forefront of cyber-related risk and its potential costs to the company, partners, shareholders, and the industry itself. In an environment with risk unavoidable, disclosure imperative, and cyber attacks inevitable, Maxxsure offers the most proactive and agile solution to measuring that risk and determining with quantifying tools, how and when to act. Take control of your company’s financial future through actively measuring and managing your cyber risk today.