this post was submitted on 06 Aug 2024
18 points (95.0% liked)
Cybersecurity
5677 readers
113 users here now
c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.
THE RULES
Instance Rules
- Be respectful. Everyone should feel welcome here.
- No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
- No Ads / Spamming.
- No pornography.
Community Rules
- Idk, keep it semi-professional?
- Nothing illegal. We're all ethical here.
- Rules will be added/redefined as necessary.
If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.
Learn about hacking
Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !cybersecurity@lemmy.capebreton.social !securitynews@infosec.pub !netsec@links.hackliberty.org !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub
Notable mention to !cybersecuritymemes@lemmy.world
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Interesting discussion, but I would argue lack of reputational damage is primarily due to lack of competition. If it was easy to switch (and government policies were built around doing everything possible to reduce barriers to entry and switching costs) to other options, reputational damage would likely have far more severe consequences.
I like to use the 2013 Target breach case. They lost $1 billion due to the attack, their stocks dropped significantly after the attack, had several lawsuits, they closed a few stores, and changed the CEO and CIO. But a few months later, all was forgiven, their stocks recovered, and life went on.
Don't get me wrong, the risks of a cyber attack have to be taken seriously. But I feel that I have overestimated the impacts of reputational damage my whole life, as an infosec professional. My thinking was always like this: if you get reputational damage, you are done, no chance to recover, it is the end of it.
I'm following the Crowdstrike case, but I would bet that they will lose some market share (mostly prospects), perhaps some layoffs, but stocks will come up eventually.
Outside of data security, if reputational damage meant anything at all Samsung would have gone bankrupt, at least in their mobile phone division, years ago. Between getting caught astroturfing, literally human trafficking people...multiple times, and that time they had phones literally blowing up in people's pockets...and then rushed out a replacement rather than spending the time to fix it and make it safe, resulting in more phones blowing up. Well, if reputational damage mattered, there are heaps of other options. Apple, obviously, or Google's Nexus and later Pixel. Or companies like HTC, Sony, LG, and Motorola, many of which literally don't exist any more because people didn't switch to them, or newer brands like Oppo, Huawei, Xiaomi, and OnePlus. But here in Australia, and in America from the data I've seen, Samsung is easily the number 2, with a huge gap between them and 3rd, only Apple able to out-compete them.