From the £99m levied against Marriott hotels to the £183m penalty slapped on British Airways, it tends to be the eye-watering fines that make the headlines. But new research has once again highlighted the long-tail impact of poor cybersecurity a business’ reputation.

In a survey of 207 business people responsible for managing cyber risk at their company, 38% admitted that they have lost business because of a poor security performance.

And it’s not just a company’s actual security hygiene that loses them cash – even the perception of sub-par cybersecurity is enough to put off customers.

Conducted by cybersecurity ratings firm BitSight and market research company Forrester, the study also found that 80% of surveyed customers experienced a cybersecurity incident in the past year alone.

The findings closely match the results of a survey conducted by Radware earlier this year. In it, 43% of surveyed companies reporting that they received a loss of reputation loss because of a successful cyberattack.

Preventing poor cybersecurity with the right metrics

Demonstrating how intertwined cybersecurity and wider business performance are, around three out of four people in C-level positions said that improving security would “greatly or significantly improve company financial performance”.

How well do you really know your competitors?

Access the most comprehensive Company Profiles on the market, powered by GlobalData. Save hours of research. Gain competitive edge.

Company Profile – free sample

Thank you!

Your download email will arrive shortly

Not ready to buy yet? Download a free sample

We are confident about the unique quality of our Company Profiles. However, we want you to make the most beneficial decision for your business, so we offer a free sample that you can download by submitting the below form

By GlobalData
Visit our Privacy Policy for more information about our services, how we may use, process and share your personal data, including information of your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.

“Financial success, brand perception, business continuity and company reputation now all hinge on security performance,” said Tom Turner, CEO, BitSight.

“But in order to effectively manage performance, you have to measure it. We think this study should serve as a wakeup call for security leaders and their executives and boards to take a close look at their strategies for security performance measurement and reporting – after all, their businesses are now on the line.”

The survey also laid bare the importance of measuring security performance in a way that provides practical value. While 63% said they had introduced metrics, four out of the top five “lack context and paint an incomplete picture of security performance”.

This included metrics such as the number of malware incidents blocked and the number of data loss prevention incidents.

The study, titled ‘Better Security and Business Outcomes With Security Performance Management’, can be found here.


Read more: Natwest and RBS IT glitches “may result in reputational damage”