Severe cybersecurity incidents cost shareholders billions, says CGI

03 May 2017

Digitalisation comes with benefits, and pitfalls, for businesses. A new report highlights the cost of severe cybersecurity breaches on the share price of companies in the long-term, which average a reduction of 1.8%. The research too finds that the long-term negative effect on share price is increasing, creating additional incentives for business owners and the executive to act to prevent breaches where possible.

The digitalisation of business process creates a number of benefits to business operations, from lower costs to additional revenue streams. Digitalisation is not without issue however, as cybersecurity costs mount, transformation programmes fail and regulatory frameworks are imposed to haul in and forestall potentially abusive practices.

One area that is increasingly on the agenda at the boardroom level is cybersecurity. Businesses are increasingly finding themselves open to security incidents, with costs for business as a whole running in the order of $280 billion according to a recent report from Grant Thornton.

In a new report from CGI, titled ‘The Cyber-Value Connection’, the consulting firm explores the effect of cybersecurity breaches on the share price of companies affected. The research involved independent economic modelling from Oxford Economics, whose analytical methodology examines share price movements in companies that had experienced cyber breaches.

Weeks relative to incident breach

The research shows that there is a link between the share price of a company and cybersecurity breaches. Across the 65 companies in the sample, affected by a severe cybersecurity incident, the average long-term effect on share price was found to be 1.8%.

The performance of companies prior to the breach was found to have a correlation with the effect of the breach on share price. Poorly performing companies were found to be harder hit, their share price falling by an average of 2.3%, while companies outperforming their peers were found to average 1.1% reductions in share price in the long-term. The low sample size, the research notes, prohibits predictions in terms of the usual statistical levels of significance.

When averaging over the value of the average FTSE 100 company, a 1.8% average reduction in share price would see a £120 million loss of market capitalisation. Multiplying the average across the 65 companies whose severe breaches were considered as part of the research, the total costs hit £42 billion for the respective shareholders.

Cost to share price of top ten companies from catastrophic breach

The research in addition to identifying the average cost to companies affected from a severe breach, also found that catastrophic breaches resulted in significant depreciations in the long-term value of companies. One UK media and communications company, that had a catastrophic breach in 2015, has seen its share price fall by 15% in the long-term, while a retail company, also in the UK, has suffered a loss of 12.9% of its share price value from a breach in 2014.

Company share prices across a range of sectors have been negatively affected by catastrophic breaches, with the top 10 largest breaches covered by the research ranging between a fall of 15% and 4.8%.

Case study of breach at super market

The value of a major UK supermarket, following a cyber security breach, saw almost immediate reprisal from investors, as the share price fell by more than 7 percentage points during the week following the incident. The fallout from the event saw a further 1 percentage point drop as the full consequences of the event became clear to an irate public.

Impact on share price on Friday following by year

The research also found that the effects of cyber security incidents, measure on the Friday following the event, are becoming more severe with time. The average percentage point decrease to a firm’s share price stood at 0.2% in 2013, by 2014 this stood at a decrease of 1.5% of their share price, while for the period 2015/16 the effect of share price almost doubled to a decrease of 2.7%.

Impact on share price following Friday following incident

The research also found that different sectors are affected differently in terms of loss to their respective share prices. The retail, hospitality and travel industry, for instance, saw a negative impact of 0.4% on their share price measured on the Friday following the incident, heathcare saw a drop of 0.7%, while technology saw a decrease of 2.1%. Communications and financial firms were the hardest hit however, with decreases of 2.6% and 2.7% respectively.

Remarking on the research, a spokesperson from CGI states, “Clearly, the CEO has responsibility for increasing company value. With the link between cyber breach and company value established in this report, it is clear the CEO’s responsibility must also include direction and governance of cybersecurity.”



Grant Thornton advises on deal for high-growth cloud hosting firm

08 April 2019

Grant Thornton’s North West Corporate Finance team has completed its first TMT deal of 2019. The professional services firm advised the shareholders of Hosted Desktop UK on their investment from specialist SME lender Beechbrook Capital.

Technological disruption and changing consumer behaviour have continued to affect top Technology, Media & Telecommunications (TMT) players in recent years. The industry has seen revenues border on stagnation over the past decade, at 0.4% annual growth since 2008. While the industry is keen to develop new digital services and models to meet market challenges, they face a range of barriers – meaning the recruiting of talent specialising in innovative software and technology has become a key goal for the industry.

Amid this, Hosted Desktop UK (HDUK) provides cloud computing services to small and medium sized businesses across the UK. The firm’s cloud solutions provide businesses with IT reliability, flexibility, value for money and business continuity. As the firm bids to grow in the UK, with demand for its disruptive technologies high, HDUK has secured a key investment from specialist SME lender Beechbrook Capital.

Grant Thornton advises on deal for high-growth cloud hosting firm

The transaction was Beechbrook Capital’s maiden deal from its latest UK SME credit fund, which supports small and medium-sized businesses in the UK with EBITDA of £1 million and above. Manchester law firms Pannone Corporate (sell-side advice, led by Mark Winthorpe) and DWF LLP (buy-side advice, led by Jonathan Robinson) also advised on the deal, while Grant Thornton’s North West Corporate Finance team advised HDUK’s shareholders.

The deal represents the Grant Thornton branch’s first TMT deal of 2019, with a team comprised of Partner and Head of Corporate Finance Peter Terry, Manager Daniel Brecker and Assistant Manager Cariad Mudford advising HDUK shareholders on the investment. It is the third key deal in the TMT sector that the GT North team has advised on in the last 18 months, following the £16.5 million sale of Salford-based Sonassi to Iomart in December 2017 and NorthEdge Capital’s investment in Yorkshire company iPortalis in August 2018.

Grant Thornton’s Peter Terry said of the news, “As our domestic and working lives become ever-more technology dependent, it’s no surprise that there continues to be strong investor interest in any asset in the cloud computing, data infrastructure and connectivity space… We were pleased to work with Beechbrook Capital on the first deal in its new fund. It shows that despite the well-documented uncertainties in the economy there are still good funding options for dynamic SMEs and their management teams.”