Jake Williams @MalwareJake
This is drawing a lot of ire from the infosec crowd because there's no obvious causality. We SHOULD be careful not to assign causality where there is none. But this data IS valuable and we shouldn't dismiss it because it lacks a causal link. 1/n
comparitech.com/blog/informati…
The study authors note that the biggest problem with this sort of study is the sample size is small. There simply are not that many publicly traded companies that have suffered significant breaches available to study. There are also many factors, making causality difficult. 2/n
Some interesting takeaways: Stock price goes down immediately after a breach, but recovers quickly after. This doesn't surprise me at all. @RenditionSec works a lot of breach cases and this tracks with our experience in privately held companies. 3/n
Most of our customers who suffer a breach lose some business short term. But we've noted a sort of Streisand Effect with breaches that are publicly disclosed. The organization that has the breach gets a bunch of free media coverage (albeit negative) and that hurts short term. 4/n
But a few months later, the company has better name recognition due to the media coverage and few can remember why they've heard of the breached org. They do business with the org because of name recognition. Behavioral economists call this "familiarity bias" 5/n
The familiarity bias continues to have an impact, but orgs must innovate to stay ahead of their competitors. A breach distracts them from that innovation and largely puts them in survival mode, where the breach takes focus away from long term innovation and business thrusts. 6/n
This leads to long term (2-5 year) underperformance against their competitors. The study cited in this thread seems to confirm this, noting that the 3 year performance is below the NASDAQ average. Note that at 3+ years, there are many other factors that may impact share price 7/n
This is a tough problem to study. I applaud the authors for putting it together. I will suggest that most infosec pros calling this FUD read a story about the report, not the report itself. We need more data in the industry and this is a GREAT example of it. 8/n
Of course this study isn't perfect, none ever will be. But this shows that there is a positive correlation between breaches and market performance. Do what you will with this data, but let's celebrate that we have the data in the first place. 9/9