〈   Governance and cyber risks

Chapter 1.2

Impacts of cybercrime

Cyberattacks can have significant consequences for companies. Consequences can be categorised into direct, indirect or intangible impacts.

Direct costs
Direct impacts include costs related to investigation of the attack and to remediation, such as fees of third-party experts. Regulatory penalties can also result in significant costs for companies, in particular in the context of the GDPR where penalties can be up to 4% of worldwide turnover in the event of a privacy breach. The damage suffered can also be considered as direct impacts. The average cost per individual Les sanctions réglementaires peuvent également entraîner des coûts importants pour les entreprises, notamment dans le cadre du RGPD où les sanctions peuvent aller jusqu’à 4% du chiffre d’affaires global en cas d’atteinte à la vie privée. Les dommages subis peuvent également être considérés comme des impacts directs.

Indirect costs
Indirect costs include fraud, class action lawsuits and the increase in the cyberinsurance premium, loss of customer confidence or a general loss of reputation. These consequences can entail significant financial costs for companies.

Intangible costs
Intangible costs are perhaps the most difficult to quantify, but they too have a significant impact on companies. They include damage to the brand, such as difficulty in attracting new customers. Changes in management teams and a reduction in the company valuation can also be considered intangible costs.

2023 © Trust Valley. All rights reserved.