Cyber Attacks – The Big Reputation Risk for Companies

Cyberattacks not only affect companies' operations but also threaten their reputation. Read why this is so dangerous.

Apr 19, 2022 - 4 min.
Picture of: Branka Miljanovic
Branka Miljanovic

It can take several years to successfully bring a company to market but a single misstep can severely damage its reputation in a matter of hours. The fast-paced nature of digitalisation means the number and variety of potential risks are very high: Delayed deliveries, chaos on social networks or negative reviews on online rating portals can all lead to bad press. But the consequences of cyber attacks are even more far-reaching as they can put the long-term reputation of the company at risk in a worst-case scenario. Why? Trust in the company has evaporated, among shareholders as much as customers. Read here to find out how this can impact the success of a company. 

Cyber attacks are the major threat that will make companies in a wide variety of industries tremble in 2022. Regardless of the size of a company, more and more hackers are making a game of messing up meticulously planned delivery times via DDoS or ransomware attacks and – in the worst-case scenario – can topple an entire industry. The result: Information and production systems get blocked, data is siphoned off and money can be extorted. This is also confirmed by the representative study conducted by the digital association Bitkom. It shows that damage wrought by ransomware in 2021 was four times higher than in 2018/2019. Expressed in figures this amounts to a loss of €223 billion lost by the German economy each year due to criminal cyber attacks. It’s a new record and means that nine out of ten companies fell victim to hacker attacks in 2020/2021 at least once. What’s more, this is only the beginning of cyber attacks. Companies have their work cut for them in the years ahead. 

Hacker attack successful – what to save first? 

From a business perspective, resuming production after a hacker attack would appear to be the number one priority. But the loss of trust in the company caused by the cyber attacks are even more serious: if those affected aren’t given the full picture, the information isn’t provided quickly enough or no communication is forthcoming whatsoever – and the attack only comes to light through media exposure – public trust is lost and the firm’s reputation is impacted negatively. 

It shows that the consequences of reputational damage following cyber attacks are more wide-ranging and complex than first suspected. Because in addition to the loss of trust, the company can even lose important business partners and jeopardise its competitive edge in a worst-case scenario. But why is reputation such a sensitive issue for companies? 

Reputation – what the public thinks of a company

Reputation has to do with the standing a company enjoys with respect to its stakeholders including staff, customers, shareholders and the public. It’s the sum of all opinions about the company and combines both past experiences and future aspects. Reputation is based on the criteria of credibility and trust – which is why it’s largely responsible for the success of a company and part of symbolic capital. It can even be decisive in whether somebody chooses to make a purchase if the quality of the product or service cannot be ascertained at first glance. 

The explosiveness of reputation crises

The causes of risk to reputation are varied: Starting with a cyber attack, they range from attacks on data inventories or IT infrastructure, problems to do with working conditions or product quality to needing to implement recalls. All of these factors can result in a company’s reputation eroding and trust being damaged. 

The result can be an irreparable loss of reputation that impacts both the success of the company and its share price. In any case, it can quickly lead to a company becoming unable to cope – no small wonder considering the speed and scope of such a reputation crisis. As such, protecting one’s reputation should be of paramount concern and a key component of corporate risk. 

Five serious consequences of a loss in reputation 

  1. Time effort
    The time required to repair a loss of reputation is enormous for companies and is often underestimated: Extensive internal checks must be carried out in addition to the usually lengthy communication with all contact persons and the public. How were hackers able to get into the system, what was damaged or stolen, how can the IT vulnerabilities be closed off, and how can the security level be further increased?
  2. A damaged reputation
    Once a company’s reputation has been damaged, the trust of business partners and customers can evaporate very quickly. This loyalty needs to be rebuilt and fast – an often laborious task. It becomes even more difficult when it comes to a loss of image and the loss of sales this entails. It takes time and honest and transparent communication to reconnect with the target group and win them back – patience is required.
  3. Financial consequences
    Besides the immediate financial consequences from a loss of data, companies also need to contend with the long-term operational losses that come with reputational damage. Because in addition to the costs of business interruptions, companies are also faced with new extra costs. These include external consultants or specialist agencies which are often commissioned following a loss in the image to help overcome the crisis. Employing new IT specialists to raise security levels is also a frequent occurrence. Larger corporations can keep on top of these types of extra costs. With their fewer resources though, SMEs can find that repairing a loss in reputation threatens their very existence. 
  4. Long-term damage
    Unpredictability also plays a major part in the complexity of crises: it’s very difficult to estimate when a crisis will hit and when it will ultimately be over. For instance, stolen data can turn up online months or years after a hacker attack followed by attempts at extortion. The companies affected will therefore be afraid of such a scenario for a long time to come.
  5. Loss in loyalty
    The Internet never forgets – an old saying, but it proves to be true when companies are confronted with bad press and data scandals. Because once a cyber attack on a company becomes public, the news spreads like wildfire. The company will find it takes some time to break the association between their brand and the hacker attack. Only through active communication, dialogue with relevant stakeholder groups and, most of all, transparent actions can the negative associations be replaced by positive ones. 

Higher cyber security – lower reputational risk

If one thing is certain, it’s that cyber security should be a company’s utmost priority. The consequences of a hacker attack on profitability, the reputation of the company and thus its long-term success are too serious. Of course, not every reputational risk can be fully prevented as the many influencing factors would make this impossible. But simple, open and transparent communication – supplemented by extensive IT security measures – can help to fix a positive image in public perception. This creates a solid basis in terms of credibility and trustable to withstand a possible crisis in reputation and unaffected in the same way as without such preparation.

 

Cybercrime: How to Protect Your Business