The corporate world is facing a “perfect storm” in which cyber criminals could wipe billions from companies’ share prices just by using a smart device, a leading academic has warned.
Dr Dionysios Demetis, of Hull University Business School, said the threat of cyber crime had to be tackled at board level or some companies could go bust.
A new study has found that cyber security breaches can cause irreparable damage to companies’ share prices.
The report from IT consultant CGI and Oxford Economics has found that financial firms often suffer the most after a cyber attack.
Severe cyber security breaches caused share prices to fall on average 1.8 per cent on a permanent basis, the analysis of 65 companies affected since 2013 globally has found.
A severe breach is classed as an incident that hurt the firm’s brand because it had legal or regulatory consequences, involving the loss of hundreds of thousands of records .
Investors in a typical FTSE 100 firm would be worse off by an average of £120m after such a breach, the report said.
The report said that the overall cost to the shareholders of the 65 companies analysed would be in excess of £42bn.
CGI’s analysis compared each company’s share price against a number of similar companies, to isolate the impact of cyber breaches from other market movements.
Two-thirds of firms had their share price adversely affected after suffering a cyber breach. Financial firms were the worst affected, followed closely by communications firms.
Dr Demetis, who co-chaired the 16th annual security conference in Las Vegas, said: “Businesses need to pay increasing attention, as the problem is intensifying and we’re headed towards a perfect storm.
“With smart devices, everything will be vulnerable and can be used to attack businesses and individuals.
He added: “For example, researchers have successfully hacked smart pacemakers while others have used a smart fridge to launch a cyber attack on businesses.
“All manual operations are increasingly being replaced by automated tasks and digital data is gold. This elevates the need to deal with cyber security at a business level.”
Iain Clacher, an associate professor at Leeds University Business School, said it was “no surprise” that breaches in company security had a permanent impact on company values.
“We have seen examples in recent years of significant breaches resulting in loss of personal data,’’ he said
“This information is valuable to criminal enterprises, and some estimates of the cost to the UK economy is just under £11bn. From an investor point of view these things are akin to industrial disasters.”
David Morris, technology risk assurance director at RSM, said: “‘It just goes to show the wide ranging impact of cyber security breaches.
“Add into this the new General Data Protection Regulation (GDPR) that comes into force next Spring, which will bring in fines of non-compliance of up to €20m or four per cent of annual global turnover, and it highlights the additional financial pressure for businesses, if effective protection is not in place.”