Written by Jake Olcott, VP of Communications and Strategic Partnerships, BitSight
In today’s evolving cyber risk landscape, Boards of Directors are becoming increasingly concerned about their company’s security performance. In fact, the NACD has found that 89% of public companies and 72% of private companies regularly discuss security at Board meetings. That’s because directors have become overwhelmingly aware not only that there has been a continual stream of data breaches in the last couple of years, but also that increasing regulation such as the GDPR has raised both compliance risks and public awareness of companies’ responsibilities for protecting personal data. Boards are being forced to acknowledge that the effects of a data breach go far beyond the direct hard costs, there is also a significant impact on customer trust.
To put some context around this, the Ponemon Institute Data Breach report published in July 2018 found that the average cost of a data breach has hit an all-time high of $3.86m, up 10% since 2014. However, according to the report, the hidden or indirect costs of a breach, including notifying customers and any subsequent loss of business, frequently far outweighed the direct costs of fines and legal undertakings. For example, companies that lost less than 1% of existing customers following a breach incurred an average total cost of $2.8m (£2.1m), while companies that experienced a churn rate of greater than 4% lost $6m (£4.5m) on average.
This considerable potential for financial loss means it’s not surprising that cyber-risk, coupled with reputation management, is rising up the board agenda. Directors are striving to understand and quantify cyber risk on the same terms as they assess strategic risk, compliance risk and operational risk. A further emerging concern for directors is the third-party risk to their business from its supply chain and wider business ecosystem – a compromise of any of those trusted partners could lead to a data breach or systems outage. A recent study by Gartner found that nearly 70% of Chief Audit Executives see third-party risk as one of their top concerns as we head into 2019.
So, how can companies mitigate these risks? Evidence from the Ponemon Institute report shows that organisations which are proactively focusing on building customer trust – both in advance and in the aftermath of a data breach – and raising it to a board level issue are better insulated against the reputational damage caused by breaches. They have reduced the number of lost customers, ultimately reducing the cost of the breach. For example, when a business deployed a senior-level leader, such as a chief privacy officer (CPO) or chief information security officer (CISO), to direct customer trust initiatives, they lost fewer customers and minimised the financial consequences of a breach. Additionally, organisations that offered identity protection to data-breach victims kept more customers than those that did not.
Cyber risk and customer trust – a growing CSR issue
Clearly, improving customer trust and demonstrating transparency are strategically valuable to companies, and it’s interesting to see how organisations are tackling this issue and communicating their progress to stakeholders. Of particular note is that cyber risk is no longer the sole preserve of the CIO. The wider potential impact of security failures and data breaches on customer welfare and business sustainability means that it has moved into the realm of corporate social responsibility (CSR).
One of our clients, energy company EDP, is currently the top-rated integrated utility company globally, having achieved the highest Dow Jones Sustainability Index score. They are committed to continuous improvement and transparency in CSR.
EDP has identified “improving trust” as a core strategic priority, stating that “trust is an asset that we want to reinforce”. The company therefore includes information about the initiatives undertaken and progress achieved towards that target in its annual reports. When it comes to cybersecurity, EDP recognised that the cyber risk in its extended supply chain should be proactively monitored to protect customers. The company has therefore adopted BitSight Security ratings to continuously assess its own cybersecurity performance and that of its ecosystem of third-party suppliers. This uniform assessment extends sustainability and security principles across the value chain.
By measuring security performance, EDP is driving continuous improvement among its suppliers and quickly identifying any emerging risks. This in turn influences shareholder value by strengthening customer trust and is the reason why the company chose to include its BitSight security rating in its annual CSR report.
Keeping it simple
Key to the success of reporting cybersecurity progress to stakeholders is simplicity. Cybersecurity reports can be complex and opaque – to the extent that even board directors struggle to understand them. An organisation may decide to “improve its security posture” or “change its risk profile” but it can be difficult for wider audiences to understand just what that means.
When reporting at overview level organisations need a simple metric that can be presented as a Key Performance Indicator. This provides a benchmark and can be used to set targets, then demonstrate progress over time. In the case of EDP, their initial BitSight rating on January 1st was 590, and they set a target to achieve a rating of 640 over the course of the calendar year. The actual rating they achieved by December 31st was 650, so they were able to clearly and simply demonstrate to a non-technical audience that they had successfully exceeded their target.
Of course, behind that single rating number is a comprehensive analysis into which board directors can delve to glean intelligence on compromised systems and vulnerabilities, security diligence and protocols, user behaviour risks, network infrastructure, and domain infrastructure issues. They can then identify areas for risk mitigation, improvement and investment.
Nevertheless, having that topline benchmark number delivers an at-a-glance indication of how the organisation and its ecosystem is performing. This helps board members quantify security risk more effectively and make informed decisions about issues such as required levels of cyber insurance coverage.
Trust as a business differentiator
In 2019, we’ll start to see the real impact of regulatory changes such as GDPR and the public profile of organisations that have suffered breaches will be seriously tested. I believe that we’ll see more companies become proactive about improving customer trust and transparency around cybersecurity and data protection, aiming to minimise the “soft” costs of breaches that, in today’s security environment, are inevitable.
As the way that cybersecurity is viewed by organisations and end users continues to mature and develop, we’ll see more and more companies strengthen their communications around cyber risk management, protection and preparedness, presenting trust as a business differentiator. They’ll make this part of their CSR programme as well as their security programme in a bid to mitigate risk not just on a financial level, but on a reputational level, too.
U.S. inauguration turns poet Amanda Gorman into best seller
WASHINGTON (Thomson Reuters Foundation) – The president’s poet woke up a superstar on Thursday, after a powerful reading at the U.S. inauguration catapulted 22-year-old Amanda Gorman to the top of Amazon’s best-seller list.
Hours after Gorman’s electric performance at the swearing-in of President Joe Biden and Vice President Kamala Harris, her two books – neither out yet – topped Amazon.com’s sales list.
“I AM ON THE FLOOR MY BOOKS ARE #1 & #2 ON AMAZON AFTER 1 DAY!” Gorman, a Los Angeles resident, wrote on Twitter.
Gorman’s debut poetry collection ‘The Hill We Climb’ won top spot in the online retail giant’s sale charts, closely followed by her upcoming ‘Change Sings: A Children’s Anthem’.
While poetry’s popularity is on the up, it remains a niche market and the overnight adulation clearly caught Gorman short.
“Thank you so much to everyone for supporting me and my words. As Yeats put it: ‘For words alone are certain good: Sing, then’.”
Gorman, the youngest poet in U.S. history to mark the transition of presidential power, offered a hopeful vision for a deeply divided country in Wednesday’s rendition.
“Being American is more than a pride we inherit. It’s the past we step into and how we repair it,” Gorman said on the steps of the U.S. Capitol two weeks after a mob laid siege and following a year of global protests for racial justice.
“We will not march back to what was. We move to what shall be, a country that is bruised, but whole. Benevolent, but bold. Fierce and free.”
The performance stirred instant acclaim, with praise from across the country and political spectrum, from the Republican-backing Lincoln Project to former President Barack Obama.
“Wasn’t @TheAmandaGorman’s poem just stunning? She’s promised to run for president in 2036 and I for one can’t wait,” tweeted former presidential candidate Hillary Clinton.
A graduate of Harvard University, Gorman says she overcame a speech impediment in her youth and became the first U.S. National Youth Poet Laureate in 2017.
She has now joined the ranks of august inaugural poets such as Robert Frost and Maya Angelou.
Her social media reach boomed, with her tens of thousands of followers ballooning into a Twitter fan base of a million-plus.
“I have never been prouder to see another young woman rise! Brava Brava, @TheAmandaGorman! Maya Angelou is cheering—and so am I,” tweeted TV host Oprah Winfrey.
Gorman’s books are both due out in September.
Third on Amazon’s best selling list was another picture book linked to politics and projecting hope: ‘Ambitious Girl’ by Vice-President Kamala Harris’ niece, Meena Harris.
(Reporting by Umberto Bacchi @UmbertoBacchi, Editing by Lyndsay Griffiths. Please credit the Thomson Reuters Foundation, the charitable arm of Thomson Reuters, that covers the lives of people around the world who struggle to live freely or fairly. Visit http://news.trust.org)
Why brands harnessing the power of digital are winning in this evolving business landscape
By Justin Pike, Founder and Chairman, MYPINPAD
Delivery of intuitive, secure, personalised, and frictionless user experiences has long been table stakes in digital commerce, well before the era of COVID-19. As businesses harness the revolutionary power of digital technologies, they have pursued large-scale change to adapt to evolving consumer preferences (some more successfully than others, but that’s a blog for another day). Digital transformation is a term we hear repeatedly, and it looks different for each organisation, but essentially, it’s about utilising technology and data to digitise, automate, innovate and improve processes and the customer experience across the entire business.
As I said, this was already well underway but then came 2020 and no industry escaped the disruption of the coronavirus outbreak, which has had an indelible impact on businesses performance, operations, and revenue. Regardless of whether the impact of COVID has been very positive or very challenging, it has forced organisations globally to re-evaluate and re-orient strategies to adapt.
As lockdowns and pandemic-related restrictions continue to change daily life, this raises the question of how we can balance a dramatic shift to digital and the benefits it brings, while ensuring business continuity and innovation both during and post-COVID, and protecting everyone against fraud?
Digital is an essential survival tool, and even more so in a COVID world
No one could have predicted the dramatic digital pivot that has taken place over this year. Indeed, within weeks of the COVID outbreak cash usage in the UK dropped by around 50%. Digital solutions including delivery applications, contactless payments, mobile commerce, online and mobile banking have become essential components of a touchless customer experience in the era of social distancing. It’s no longer just about an enhanced and superior customer experience, it’s also about health, safety and survival.
In store, businesses have benefited from contactless payments enabling faster throughput and reduced need for consumers to touch payment terminals (therefore requiring greater cleaning, which degrades the hardware much faster). Mastercard reported a 40% increase in contactless payments – including tap-to-pay and mobile pay – during the first quarter of the year as the global pandemic worsened. Digital has also become an essential sales channel for many B2C brands. Where brick and mortar stores have been required to close, digital commerce enables continuity of customer relationships and revenue. This channel also provides brands with rich customer data, which can be used to enhance and personalise the customer experience and typically results in greater levels of engagement and uplifts in revenue.
Industry forecasts estimate that worldwide spending on the technologies and services enabling digital transformation will reach GBP 1.8 trillion in 2023 – a clear indication that the process represents a long-term investment and a global commitment to digital-first strategy. The key point here is that digital brings significant benefits, and regardless of COVID, is here to stay.
The challenges that rapid digital transformation brings to businesses
Regardless of whether businesses are operating in developed or less-developed economies, these times of crisis have levelled the playing field in the sense that all businesses are facing similar issues. Access to products and supplies, maintaining customer relationships, accelerating sales for some and declining sales for others, health and hygiene are just a few of the unique challenges brought about by COVID.
Many businesses in physical environments have had to swiftly implement changes to significantly reduce safety risks for staff and customers, such as contactless payments, mobile ordering and delivery options. But with these changes come a host of other benefits of digitisation, such as faster transactions, and reduced human error at the point-of-sale.
The reliance on technology, however, can also expose organisations and consumers to certain vulnerabilities. In particular, the risks of fraud and cybercrime have dramatically increased since the onset of the pandemic as scammers have taken advantage of digital technologies to target both businesses and individuals.
As a McKinsey report illustrates, new levels of sophistication in the activities of fraudsters have placed more pressure on companies that have been previously slow to go digital, bringing “into sharp relief how vulnerable companies really are”, and damaging the financial health of small and large businesses. In fact, the Bottomline 2020 Business Payments Barometer reveals that only one in 10 small businesses across the UK report recovering more than 50% of losses due to fraud.
But take these stats with a grain of salt. While it is important to be aware of the risks and challenges this new business landscape brings, it’s equally as important to have a lens firmly across your own business, industry and audience, and to identify the changes you can make internally to mitigate risk as well as improve your customer experience. Where can you make some quick wins? Do you have the right skillsets internally to achieve what you need to achieve? What technology is out there that will enable your business goals? There are tech companies like MYPINPAD that are making huge strides in software development, which will transform businesses globally.
A digital world post-COVID
Almost a year in, the line between business success and failure remains fragile. However, an ongoing transition towards greater digitisation will be the difference between survival and the alternative.
There is a wide range of initiatives businesses can implement to weather this storm. If we look at the space MYPINPAD operates within, secure digital consumer authentication is crucial to the ongoing success and security of not only financial products but also identification and verification across a range of different industry verticals. Shifting the authentication of consumers securely onto mobile devices enables businesses to completely reshape their customer experiences. By bringing together a more seamless, frictionless customer experience, accessibility, privacy, security and access to consumer data, businesses are able to drive digital transformation across day-to-day activities.
Against this backdrop, software with stronger security standards continue to play an ever more vital role in supporting society, protecting consumers and businesses from the increase in risks that rapid digitisation brings. Already, merchants can deploy PIN on Mobile technology from companies like MYPINPAD, onto their smart devices to speed up the digitisation process many are now tackling.
Essentially, opening up universal payments and authentication methods that feel familiar, for both online and face-to-face transactions, will be key to opening up a world of possibilities when it comes to redefining how businesses engage with consumers.
Brexit responsible for food supply problems in Northern Ireland, Ireland says
LONDON (Reuters) – Food supply problems in Northern Ireland are due to Brexit because there are now a certain amount of checks on goods going between Britain and Northern Ireland, Irish Foreign Minister Simon Coveney said.
British ministers have sought to play down the disruption of Brexit in recent days.
“The supermarket shelves were full before Christmas and there are some issues now in terms of supply chains and so that’s clearly a Brexit issue,” Coveney told ITV.
The Northern Irish protocol means there are “a certain amount of checks on goods coming from GB into Northern Ireland and that involves some disruption,” he said.
(Reporting by Guy Faulconbridge; Editing by Tom Hogue)
Top 8 Tax Scams to Watch Out For
It is tax time and that means finding the best way to file your taxes and to get a refund...
CEO Hisham Itani and Resource Group Recognized in the 2020 Global Banking & Finance Awards®
Global Banking & Finance Review has awarded Hisham Itani the Chairman and CEO of Resource Group, Technology CEO of the...
Euro zone business activity shrank in January as lockdowns hit services
By Jonathan Cable LONDON (Reuters) – Economic activity in the euro zone shrank markedly in January as lockdown restrictions to...
Volkswagen’s profit halves, but deliveries recovering
BERLIN (Reuters) – Volkswagen reported a nearly 50% drop in its 2020 adjusted operating profit on Friday but said car...
Global chip shortage hits China’s bitcoin mining sector
By Samuel Shen and Alun John SHANGHAI/HONG KONG (Reuters) – A global chip shortage is choking the production of machines...
Iran’s oil exports rise ‘significantly’ despite sanctions, minister says
DUBAI/LONDON (Reuters) – Iran’s oil exports have climbed in recent months and its sales of petroleum products to foreign buyers...
Nissan to source more UK batteries as part of Brexit deal ‘opportunity’
By Costas Pitas LONDON (Reuters) – Nissan will source more batteries from Britain to avoid tariffs on electric cars after...
Muted recovery for UK retailers in December ends worst year on record
By David Milliken and Andy Bruce LONDON (Reuters) – British retailers struggled to recover in December from a partial coronavirus...
Chinese phone maker Honor partners with key chip suppliers after Huawei split
By David Kirton SHENZHEN, China (Reuters) – Chinese budget phone maker Honor said on Friday it had signed partnerships with...
Oil down $1 as China COVID-19 cases trigger clampdowns
By Noah Browning LONDON (Reuters) – Oil prices fell on Friday, retreating further from 11-month highs hit last week, weighed...