The impact of a hack is not just a short-term blip in price. Cyber has a longer-term impact on organisational performance. Cyber remediation costs, legal and regulatory fines and brand and reputation impacts take time to work through. Equifax was one of the first companies to be downgraded by Moody’s in 2019 due to the longer-term impact on free cash flow, following its 2017 hack. It’s $3.4bn of debt was downgraded last week due to the compounding impact of cyber spend and economic challenges on free cash flow, albeit still at a moderate level of risk.(https://lnkd.in/dcsD8T7).
Cyber has a habit of coming back to haunt you. To put in place the necessary security practices, to secure Federal Contract Information (FCI) and Controlled Unclassified Information (CUI). In my view it is a regulation with which has some similarities to GDPR and CCPA. In the case of CMMC, formally underpinned by NIST 800 – 171.