The Impact of Data Breaches on UK Companies: Revealing Insights | GBAF

The Impact of Data Breaches on UK Companies: Revealing Insights | GBAF

Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Home > Business > PROTECTING DATA NO LONGER JUST AN IT PROBLEM ACCORDING TO CENTRIFY-COMMISSIONED PONEMON STUDY

PROTECTING DATA NO LONGER JUST AN IT PROBLEM ACCORDING TO CENTRIFY-COMMISSIONED PONEMON STUDY

Published by Gbaf News

Posted on May 23, 2017

12 min read

Last updated: January 21, 2026

Image depicting cloud technology and security concepts essential for modern businesses - Global Banking & Finance Review — This image illustrates key concepts of cloud-native security, crucial for businesses utilizing cloud technology. It highlights the need for integrated security strategies in the ever-evolving IT landscape.

Report highlights the damaging impact of data breaches with share prices dropping an average of 5 per cent, customer churn increasing as much as 7 per cent and brand reputation severely tarnished

C-suite blind spot exposed as 39 per cent of IT practitioners and 36 per cent of CMOs don’t believe they take brand protection seriously

When it comes to the biggest threats facing UK companies, IT practitioners and CMOs both believe a data breach ranks at the top, behind poor customer service, as it relates to their company’s reputation and brand value. Yet 39 per cent (IT) and 36 per cent (CMOs) don’t believe that brand protection is taken seriously by senior level executives. The findings were part of The Impact of Data Breaches on Reputation & Share Value: A Study of Marketers, IT Practitioners and Consumers in the UK. This Ponemon study was commissioned by Centrify, the leader in securing hybrid enterprises through the power of identity services, and has revealed the far-reaching consequences of data security breaches across an organisation — including sales, marketing and IT – and the significant negative effect on company finances, shareholder value and brand reputation. And while the study found a data breach has a significant impact on brand reputation, a startling 71 per cent of IT practitioners do not believe that brand protection is their responsibility.

The study found that the share value index of 113 companies declined an average of five per cent immediately following the disclosure of the breach and experienced up to a seven per cent customer churn. What’s more, one in four (27 per cent) of consumers impacted by a breach stated they discontinued their relationship with an organisation that experienced a data breach.

Commenting on the findings, Independent cybersecurity expert, Dr Jessica Barker, said: “With so many data breaches hitting the headlines, there can be a sense of defeatism among some organisations. Breaches are seen as inevitable so some organisations question the value of spending on security when it won’t make them 100% secure. However, this research has found that investing in security helps protect the organisation when even the worst happens, as companies with a strong security posture experience much quicker stock price recovery than those with a poor security posture following a data breach.”

“In this past year alone we’ve seen high-profile data breaches, such as Yahoo and TalkTalk, experience the significant consequences that a breach can have on shareholder value and brand reputation,” said Bill Mann, senior vice president of products and chief product officer, Centrify. It’s clearly a blind spot for the C-suite and it’s time leadership recognise that protecting data is no longer just an IT problem, but a bottom-line business concern that needs a holistic and strategic approach to protecting the whole organisation.”

How poor security posture impacts company value and customer loyalty

A portfolio of share prices was composed for 113 publicly traded benchmarked companies who had experienced a data breach involving the loss of customer or consumer data. The index value was tracked 30 days prior to the announcement of the data breach and 120 days following the data breach.

These companies experienced a 5 per cent price decline immediately following the disclosure of the breach. More revealing are those companies with a strong security posture – companies that have made investments in people, process and technologies — which are less likely to see a decline in share prices mainly because they are better equipped to respond.
Those companies with a self-reported superior security posture saw a decline of no more than three per cent, and after 120 days following a breach, successfully rebounded with a three percent gain in stock price prior to the breach. In contrast, those with a poor security posture experienced a share price decline as high as seven per cent, and 120 days following the breach, did not fully recover the share price it had prior to the breach.
Customer loyalty was also impacted with 65 per cent of consumers having lost trust in the breached company and 27 per cent of consumers discontinuing their relationship altogether.

IT under scrutiny

While 63 per cent of IT feared losing their job after a breach, the reality is the IT function is placed under greater scrutiny following a data breach. For those IT practitioners that had experienced a data breach, the most negative consequences were: significant financial harm (52 per cent), greater scrutiny of the capabilities of the IT function (51 per cent) significant brand and reputation damage (35 per cent) and decreased customer and consumer trust in their organisation (35 per cent).

Business impact and organisational disconnect

The study showed a significant disconnect across the business when it comes to responsibilities and brand reputation ownership:

70 per cent of IT practitioners do not believe their companies have a high-level ability to prevent breaches, however 58 per cent of CMOs are confident that their company would be resilient to a data breach that results in the loss or theft of high value assets
There’s a clear blind spot when it comes to data breaches and the impact they have on share price. Just 23 per cent of CMOs and 3 per cent of IT practitioners are concerned about a decline in their company’s share price. For those that had a breach, only five per cent of CMOs and six per cent of IT professionals say that there was a decline in share price as a result of the breach.
While IT practitioners and CMOs are both worried about the loss of reputation after a breach, their concerns apply only to their specific job function. For CMOs the top three concerns from a data breach were lost of reputation (67 per cent), decline in revenues (53 per cent) and loss of customers (46 per cent). For IT, the biggest concerns were loss of their jobs (63 per cent), loss of reputation (43 per cent) and time to recover decreases productivity (41 per cent).

Download the Ponemon report at: https://www.centrify.com/lp/ponemon-data-breach-brand-impact-uk/

The Study

The Impact of Data Breaches on Reputation & Share Value: A Study of Marketers, IT Practitioners and Consumers in the UK, a Ponemon study, surveyed 313 individuals in IT operations and information security, 292 senior level marketing professionals and 405 consumers. To determine the impact a data breach has on share value, 113 benchmarked global public companies that experienced a data breach involving consumer data were selected for this analysis. These companies, which represented 16 industry sectors, were indexed against a match sample of companies that did not experience a data breach during the test period. The Security Effectiveness Score (SES) referenced in this study is determined by utilising the Ponemon Institute’s proprietary benchmark database and is derived from rating numerous security features or practices, including but not limited to, having a full-time CISO, employee training and awareness programs, regular audits and assessments of security vulnerabilities, and policies to manage third-party risk. This method has been validated from more than 50 independent studies conducted for more than a decade.

Report highlights the damaging impact of data breaches with share prices dropping an average of 5 per cent, customer churn increasing as much as 7 per cent and brand reputation severely tarnished

C-suite blind spot exposed as 39 per cent of IT practitioners and 36 per cent of CMOs don’t believe they take brand protection seriously

When it comes to the biggest threats facing UK companies, IT practitioners and CMOs both believe a data breach ranks at the top, behind poor customer service, as it relates to their company’s reputation and brand value. Yet 39 per cent (IT) and 36 per cent (CMOs) don’t believe that brand protection is taken seriously by senior level executives. The findings were part of The Impact of Data Breaches on Reputation & Share Value: A Study of Marketers, IT Practitioners and Consumers in the UK. This Ponemon study was commissioned by Centrify, the leader in securing hybrid enterprises through the power of identity services, and has revealed the far-reaching consequences of data security breaches across an organisation — including sales, marketing and IT – and the significant negative effect on company finances, shareholder value and brand reputation. And while the study found a data breach has a significant impact on brand reputation, a startling 71 per cent of IT practitioners do not believe that brand protection is their responsibility.

The study found that the share value index of 113 companies declined an average of five per cent immediately following the disclosure of the breach and experienced up to a seven per cent customer churn. What’s more, one in four (27 per cent) of consumers impacted by a breach stated they discontinued their relationship with an organisation that experienced a data breach.

Commenting on the findings, Independent cybersecurity expert, Dr Jessica Barker, said: “With so many data breaches hitting the headlines, there can be a sense of defeatism among some organisations. Breaches are seen as inevitable so some organisations question the value of spending on security when it won’t make them 100% secure. However, this research has found that investing in security helps protect the organisation when even the worst happens, as companies with a strong security posture experience much quicker stock price recovery than those with a poor security posture following a data breach.”

“In this past year alone we’ve seen high-profile data breaches, such as Yahoo and TalkTalk, experience the significant consequences that a breach can have on shareholder value and brand reputation,” said Bill Mann, senior vice president of products and chief product officer, Centrify. It’s clearly a blind spot for the C-suite and it’s time leadership recognise that protecting data is no longer just an IT problem, but a bottom-line business concern that needs a holistic and strategic approach to protecting the whole organisation.”

How poor security posture impacts company value and customer loyalty

A portfolio of share prices was composed for 113 publicly traded benchmarked companies who had experienced a data breach involving the loss of customer or consumer data. The index value was tracked 30 days prior to the announcement of the data breach and 120 days following the data breach.

These companies experienced a 5 per cent price decline immediately following the disclosure of the breach. More revealing are those companies with a strong security posture – companies that have made investments in people, process and technologies — which are less likely to see a decline in share prices mainly because they are better equipped to respond.
Those companies with a self-reported superior security posture saw a decline of no more than three per cent, and after 120 days following a breach, successfully rebounded with a three percent gain in stock price prior to the breach. In contrast, those with a poor security posture experienced a share price decline as high as seven per cent, and 120 days following the breach, did not fully recover the share price it had prior to the breach.
Customer loyalty was also impacted with 65 per cent of consumers having lost trust in the breached company and 27 per cent of consumers discontinuing their relationship altogether.

IT under scrutiny

While 63 per cent of IT feared losing their job after a breach, the reality is the IT function is placed under greater scrutiny following a data breach. For those IT practitioners that had experienced a data breach, the most negative consequences were: significant financial harm (52 per cent), greater scrutiny of the capabilities of the IT function (51 per cent) significant brand and reputation damage (35 per cent) and decreased customer and consumer trust in their organisation (35 per cent).

Business impact and organisational disconnect

The study showed a significant disconnect across the business when it comes to responsibilities and brand reputation ownership:

70 per cent of IT practitioners do not believe their companies have a high-level ability to prevent breaches, however 58 per cent of CMOs are confident that their company would be resilient to a data breach that results in the loss or theft of high value assets
There’s a clear blind spot when it comes to data breaches and the impact they have on share price. Just 23 per cent of CMOs and 3 per cent of IT practitioners are concerned about a decline in their company’s share price. For those that had a breach, only five per cent of CMOs and six per cent of IT professionals say that there was a decline in share price as a result of the breach.
While IT practitioners and CMOs are both worried about the loss of reputation after a breach, their concerns apply only to their specific job function. For CMOs the top three concerns from a data breach were lost of reputation (67 per cent), decline in revenues (53 per cent) and loss of customers (46 per cent). For IT, the biggest concerns were loss of their jobs (63 per cent), loss of reputation (43 per cent) and time to recover decreases productivity (41 per cent).

Download the Ponemon report at: https://www.centrify.com/lp/ponemon-data-breach-brand-impact-uk/

The Study

The Impact of Data Breaches on Reputation & Share Value: A Study of Marketers, IT Practitioners and Consumers in the UK, a Ponemon study, surveyed 313 individuals in IT operations and information security, 292 senior level marketing professionals and 405 consumers. To determine the impact a data breach has on share value, 113 benchmarked global public companies that experienced a data breach involving consumer data were selected for this analysis. These companies, which represented 16 industry sectors, were indexed against a match sample of companies that did not experience a data breach during the test period. The Security Effectiveness Score (SES) referenced in this study is determined by utilising the Ponemon Institute’s proprietary benchmark database and is derived from rating numerous security features or practices, including but not limited to, having a full-time CISO, employee training and awareness programs, regular audits and assessments of security vulnerabilities, and policies to manage third-party risk. This method has been validated from more than 50 independent studies conducted for more than a decade.