Study Finds Data Breaches Have Long-Term Impact on Company Reputation

BIG linden > Insight & Innovation Articles > this article: Study Finds Data Breaches Have Long-Term Impact on Company Reputation

Study Finds Data Breaches Have Long-Term Impact on Company Reputation

A recent study has found that data breaches have a long-term impact on the reputation of companies.


Study from Interbrand and Infosys estimates that data breaches can lead to up to $223 billion in financial losses across the world’s top brands due to reputational, legal and other indirect costs.

Data breaches leave a lasting impact for any organization

Interbrand and Infosys released a report titled ”Invisible Tech, Real Impact”, which estimates that the world’s top brands across all industries could lose up to $223 billion due to data breaches. The study suggests that this figure is based on financial damage from reputational harm, legal costs, direct economic losses and other indirect losses following such incidents.

Ameya Kapnadak, Chief Growth Officer at Interbrand commented: “There are three factors of particular interest that a breach directly impacts: Presence, affinity, and trust.” he explained. 

“At the most basic level, a data breach instantly creates negative news about the brand, which can create a negative perception in social media and impact presence. We believe that the presence score is dented for every brand regardless of whether it is digital or physical,” he added.

The study was released in light of yet another massive hack, this time of Microsoft’s email software, estimated to have affected 60,000 known victims globally. The research concluded that businesses are paying a premium for digital platforms to enhance customer experience and data breaches can significantly damage this trust and loyalty.

Researchers explained that apart from the negative news coverage, there are also tangible losses associated with data breaches, such as financial losses due to remediation costs and lost customers. He added that companies must instill a culture of security by implementing robust cybersecurity practices, investing in technology solutions and regularly testing their systems for vulnerabilities.

“We need to all start looking at this through an ecosystem lens so we can protect our businesses, customers, stakeholders and partners better,” he said. “The only way forward is proactive prevention.”

The findings of this research can be extremely relevant to businesses and organizations.

“A study of 5,882 U.S. hospitals found that those that substantively adopted and deeply integrated IT security into processes and structures, rather than simply being symbolic adopters, could effectively reduce 37.8% of data breaches.”

“Contrary to our theorizing, the use of more IT security is not directly responsible for reducing breaches, but instead, institutional factors create the conditions under which IT security investments can be more effective.” Emily Block, PhD Associate Professor for the Alberta School of Business, Department of Strategy, Entrepreneurship and Management revealed.

Data breaches are becoming more common, and companies should prioritize cybersecurity protocols in order to protect their customer data as well as the company’s reputation. Instilling a culture of security and investing in technology solutions is essential for organizations, so that they can prevent costly financial losses due to data breaches, negative news coverage, and potential lost customers.

What’s the real impact?

“The largest and most salient breaches are associated with a 5–9% decline in reputational intangible capital following a data breach” reveals Christos A Makridis, Professor at the W. P. Carey School of Business at Arizona State University in the Journal of Cybersecurity.

“These effects are concentrated among firms in consumer-facing industries: smaller (larger) data breaches are associated with more positive (negative) effects” explains Makridis, Digital Fellow at the Digital Economy Lab at Stanford University.

Next steps for your organization:

Organizations should take the following steps to protect their customer data and reputation:

  1. Establish a cybersecurity team or committee responsible for assessing risks and implementing security protocols.
  2. Invest in secure technology solutions such as encryption software, firewalls, and enterprise authentication tools.
  3. Regularly test systems for vulnerabilities and fix any issues on detection.
  4. Educate your organization’s staff on safe online practices and making sure that everyone is kept up-to-date with security protocols throughout the organization.
  5. Develop incident response plans in case of a data breach so that you can quickly identify, contain, investigate, mitigate, and report any event related to data loss or unauthorized access of information within your system(s).

Best practices your organization should consider

All organizations are vulnerable to cyberattacks, and as leaders of these organizations, we must take proactive steps to prevent them.

We can train our employees on basic internet usage best practices, secure our networks with encryption and firewalls, use antivirus software and keep all software updated, enable Multi-Factor Authentication, monitor and manage Cloud Service Provider accounts, securely protect and back up sensitive data, control physical access to business computers by unauthorized individuals, backing up data regularly to cloud storage repositories on a weekly basis.

Appoint administrators for cloud storage drive and collaboration tools that can monitor user permissions in order to give employees access only to the information they need.

Executives should ensure that their organization is taking proactive measures to prevent cyberattacks by training employees, protecting their networks with encryption and firewalls, using antivirus software, enabling multi-factor authentication, monitoring and managing Cloud Service Provider accounts, securing, protecting and backing up sensitive data, and controlling data access.

7 crucial steps your organization should take to be more secure

  1. Train employees on basic internet usage best practices.
  2. Secure networks by encrypting information and implementing a firewall with antivirus software set up for automatic updates.
  3. Enable Multi-Factor Authentication or 2FA.
  4. Monitor and manage Cloud Service Provider accounts.
  5. Control physical access and restrict administrative privileges to trusted IT staff or key personnel only, regularly conducting access audits to ensure former employees have been removed from your systems.
  6. Back up sensitive data regularly including word processing documents, spreadsheets, databases etc., both locally and in the cloud if possible.
  7. Enforce strong passwords and use authentication tools such as two-factor or biometric solutions when available.

These steps can help create a secure environment where businesses can securely store and process sensitive customer data without fear of attack or unauthorized access.

Stay informed of emerging threats

Leaders need to stay informed on emerging threats so they can be aware of potential risks they may face when utilizing new technologies. It’s vitally important to have an incident response plan in place in the event any security incidents occur despite your best efforts at prevention.

Read Next:

Table of Contents

About the Author

Katrina Pfitzner

Katrina Pfitzner

Katrina is a developer, designer, author, and thought leader on topics including Data and Security. For more from Katrina, find her on twitter and follow her on medium.

All Posts
Matt Blalock

Matt Blalock

Matt Blalock is an accomplished Creative Director and Marketing Consultant, known for pioneering BIG vision and brand direction for leading organizations.

More Data and Security Insight

Data and Security support docs

Unleash exciting new tools and ways of decision-making for business leaders.

Capabilities related to this Data / Security article

Unleash exciting new tools and ways of decision-making for business leaders.
Prevent attacks, regain control of your WordPress website with Enterprise security solutions.


Get a 30 minute 1:1 consult with a BIG consultant and get a 7 page report on making digital work in your organization with key insight into paths for success and playbooks just for your unique needs.

Please understand not all requests can be met. Please contact us with any questions.