Why is the social
impact of cyber
security important
to business?

Author: Poornima Apte

Though the financial costs of a cyber attack are steep, the social impact of cyber security failures is less readily apparent but can cause lasting damage to customers, employees and your company.  Business and IT leaders reviewing their security investments should be mindful of how the impact of cyber security affects society as well as the bottom line when they are calculating the potential impact of a breach.  Underestimating either impact can destroy a brand.

Consumer mistrust

Cyber security risks have taken a toll on consumer trust. For example, 2 out of 3 Americans said they were worried about their information being breached during the 2020 holiday season.

Even if last year did see U.S. consumers increasing online spending by 44% compared to the previous year, many are ready to punish brands severely if a breach does occur. In fact, a quarter of consumers said they would completely stop engaging with a brand that experienced a breach.

Psychological effects

Data breaches or unclear cyber security protocols also have hard-to-measure psychological effects. The 2017 WannaCry ransomware attack led to critical infrastructure impacts. When the U.K.'s National Health Service was breached, for example, surgeries had to be rescheduled. Cyber attacks can be traditionally viewed as affecting only financial institutions and not everyday individuals, but the WannaCry example made the problem real for many people. It showed how it could expose vulnerabilities in basic infrastructure and, therefore, increased anxiety for many.

When considering how cyber security affects society, it's important to look at the daily professional lives of employees as well. The laundry list of protocols employees need to routinely follow, from multi-factor authentication to the careful monitoring of emails, can also increase stress and fear about the consequences of one mistaken step.

Widespread disruption

The social impacts of a cyber breach can also be gauged by the service disruptions they cause. Depending on the nature of the breach itself, these interruptions might be wide-ranging or localized but are nonetheless very real and frustrating for the people they directly impact.

In 2019, 22 towns in Texas sharing a software vendor were the target of a cyber attack. The attackers asked for a ransom of $2.5 million for the restoration of administrative services, and residents of these towns could not access records or pay utility bills while under siege.

Third-party software was again a target for a much more extensive breach of top U.S. government agencies, including the Departments of Energy, Homeland Security, Defense and Commerce. The Sunburst hack, as it came to be called, highlights another challenge with cyber attacks: Their effects can be insidious and unfold slowly over time.

Changing regulatory landscape

The social impact of cyber security manifests in the changing regulatory landscape, as well. In the U.S., a fractured approach by different states increases pressure on businesses and arguably has an impact on the customer experience. Within companies, too, the chief information security officer might have a different mandate for data from software engineers, which can stifle innovation.

When it comes to how cyber security affects society, enterprises need to factor in the many intangible effects of cyber attacks and the increased vigilance needed to prevent them. A cyber attack costs more than just the immediate price of putting out the fire—it can severely damage brand reputation and shake the confidence of the public. Worse, the effects can be insidious and long-lasting, making them difficult to measure accurately. But neglecting to do so can muddy the true costs of doing business in today's digital landscape.

Learn more about the latest trends in the cyber security landscape.