Companies spend on average up to a year to restore their reputation following a data breach, according to a study released Thursday by the Ponemon Institute.
The survey of 843 US executives found that an organisation's brand value dropped between 17 to 31 percent following an incursion, depending on the type of information lost. Those polled estimated the economic value of their company's brand to be anywhere from $1 million to greater than $10 billion, with an average of $1.5 billion. Eighty-two percent of respondents said their company had experienced a breach involving sensitive or confidential information.
Depending on the type of information lost in the theft, companies, on average, lost between $184 million to more than $330 million in the value of their brand, according to the survey, sponsored by Experian.
Fifty-three percent of respondents said the exposures had a “moderate” impact on their company's reputation and brand image, while 23 percent said it was “significant,” according to the study.
“When a company has a breach, it is a hit to the trust people have in doing business with that company, now and in the future,” Experian director Ozzie Fonseca said. A firm's reputation and brand image is one of its most important assets, he added.
“Anything that can tarnish that brand will have an affect on the bottom line,” Fonseca said.
Respondents estimated that a data breach, which was widely reported by the media involving the loss of more than 100,000 confidential employee records, would likely result in a 12 percent decrease in brand value, on average.
Meanwhile, the loss or theft of a small number of sensitive files containing trade secrets, new product designs or source code would likely lower brand worth by about 18 percent.