Blog

Cybersecurity Committee: Risks Involved With a Cyber Incident

March 4, 2021

For a more visual presentation, download the Cybersecurity Committee's Step One infographic here. Otherwise, read the risks involved with a cyber incident below.

Operational Risk

Operations and technologies shut down and are unable to be used so employees cannot produce
Comfort, automation, and health safety systems controlled by network become inoperable so employees cannot work in the environment
Internal and external email and telephones systems are often shut down so intercompany communication and communications with customers and vendors are often shut down or heavily impacted
Ecommerce and banking systems are shutdown or heavily impacted
Public Facing websites are often taken down or unusable
Physical Security infrastructure operations and communications are often affected.

For more information: Reference CIS Controls – Basic/Foundational Sections 1 – 16Financial Risk

Loss of productivity and revenues add up quickly when employees cannot work
Bank and payment processing systems are often affected, severely limited, and made unusable. Making payments or bringing money in from sales impossible.

For More Information: Reference CIS Controls – Organizational Sections 17,19,20Legal Risk

Failure of notification services of the breach by city, county, state, and country as required by the entities and within the required timeline may result in tremendous fines.
Potential litigation with customers and vendors
Potential Criminal suit brought against the company and or executives
Potential Civil lawsuits from those that you have exposed PII, PHI and other personal data.

For more information: Reference CIS Controls – Organization Sections 17, 19, 20Reputational Risk

Your name of brand can be irrevocably hurt by a cyberattack.
Those you serve may lose trust in your ability to adequately conduct business. Particularly in the security field where a high degree of “customer data protection” is expected
High-profile dealings with law enforcement after a breach are often publicized through all types of news media
Vendors may show a preference for your competitors or abstain from conducting business with your company
Stakeholders may face personal scrutiny and adverse public opinion
The method and timing of notifying the media and others about the breach may provide severe backlash on the company and leadership.

For more information: Reference CIS Controls – Organization Sections 17, 19, 20

To learn more from the PSA Cybersecurity Committee, visit PSAEducation.com!

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.