Professional Documents
Culture Documents
of Threats to Organizations
BERNADETH B. LIGGAYU
The Types of Impact
References: https://www.knowitallninja.com/lessons/the-impact-of-threats/
Operational Loss
Operational losses refer
to damages of the
operating capability of an
organization. This
includes a loss of
manufacturing output,
service availability and
service data.
• Forexample, a business whose operations rely on IT systems
can be prevented from performing any work due to
cybersecurity threats. Even on the manufacturing line, the
machinery that builds the products will receive its instructions
from computers that could be taken offline due to some threat.
• Forbusinesses who don’t rely on manufacturing, but providing
services and data, they are even more easily affected. An
online store could be taken down by a denial-of-service attack
that will prevent the business from taking and processing sales.
• It’s
clear that, due to how reliant all businesses now are on IT
systems, cybersecurity threats can massively hinder the
operation of the business.
Financial Loss
Financial losses refer to
damages to the wealth of
an organization. This
includes organizational
losses, compensation
and legal fees.
• By financial loss, we mean actual increased costs, or
reduced income, caused by the threat. This could be
replacing damaged equipment from sabotage or the loss of
sales due to your website being down from a malicious
hack.
• Compensation and legal fees come as a result of suffering a
threat, as a business may be culpable, and so might need to
both compensate customers that are affected by the threat
and pay data protection fines placed on the business by the
ICO due to the improper security of the data. There may
also be legal fees to defend oneself in court, should there be
a case for legal culpability.
• After being hacked, Tesco Bank had to pay £2.5m in
compensation to customers and faced a massive fine by the
ICO.
Reputational Loss
Reputation losses refer to
the loss of trust and lowered
opinion of people to a
business as a result of them
being affected by a threat.
This could be a lack of
service and employee or
customer information.
• The lack of service is due to customers no longer wanting to
do business with an organization due to concerns over
whether the service will be available. If you subscribed to a
website and their services regularly went down due to
cybersecurity threats, this would naturally lead to questions
about continuing to use it.
• Similarly, if a business has been hacked and had personal
data stolen of employees or customers, you may not want
them to be storing your data in future, as you would be
concerned of them failing to protect that data again, which
could impact on you. You, therefore, may not provide them
with data they require and may instead take your business
elsewhere.
Intellectual Property Loss