Cyberattacks – Who Has the Greatest Financial Risk

According to Moody’s U.S. credit ratings report, the market segments that face the most significant financial impact from cyberattacks leading to a weakened credit profile are banks, hospitals, securities firms and market infrastructure providers. According to the Moody’s U.S. credit ratings report “In our view, cyber risk is event risk, and we see a rising tide. Digitization continues to increase; supply chains are becoming more complex and attacker sophistication is improving. However, the universe of cyber threat actors remains the same: socially motivated attackers – hacktivists – criminals and nation-states.” According to Moody’s, “the financial impact of a cyberattack could include the cost of insurance, the effect on customer behavior, litigation costs, fines and impact on technology infrastructure and R&D spending.”

Among companies cited by Moody’s as being financially impacted by breaches and cyberattacks were FedEx, Merck & Co and Alegrity.  Moody’s assessment of hospitals stated, “For hospitals, our assessment primarily reflects the sensitive and essential nature of the data collected and used by these entities and its attractiveness to hackers, as well as vulnerabilities emanating from increasingly connected medical devices.” For banks and financial firms Moody’s detailed, “Banks are at high risk because they hold the data and funds of private clients and they provide access to their services through multiple online and digital channels. Securities firms, including capital markets firms, are also at high risk. They are appealing targets for cybercriminals aiming to carry out large-scale theft as well as sophisticated attacks designed to create operational disruption or garner publicity. A successful attack on large, systemic banks could pose a system wide risk, reflecting their high degree of interconnectedness.”

It is now apparent that not only do breaches adversely affect an organizations reputation and fines due to regulation compliance, but their credit worthiness as well. And just like sanctions passed through by credit card processors for allowing fraudulent transactions, the ability to raise capital may soon be a long-term consequence of data breaches. To mitigate such current and future scenarios a proactive system using Spirion for protecting your data at rest and in use is mandatory.