With cybersecurity incident disclosures showing up more often in Securities and Exchange Commission filings, courtesy of the agency’s mandate, a key question lingers about the financial damages publicly-traded companies could confront from these material events.
A materiality assessment model unveiled this week by the risk-management organization FAIR Institute aims to quantify those losses with an assist from the FAIR Materiality Assessment Model open-source framework.
“How Material is That Hack?” went live Tuesday at the FAIR Institute’s annual conference with details about five recently disclosed cyberattacks against MGM Resorts, Caesars Entertainment, Johnson Controls, Clorox and Progressive Leasing.
The tool’s estimates that, “most likely,” these five incidents will result in primary and secondary costs of $663 million.
The FAIR Institute and its founding partner, Safe Security, which runs the online calculator, said more data and resources will be added on an ongoing basis.
The online calculator isn’t automated but rather serves as a model for how data from SEC filings and other publicly available information can…
