What would happen if a breach hit in Houston?
President Barack Obamarecently stated the challenge: “Wearea digitalized culture, and there is hacking going on every single day. There’s not a company… where somebody is not going to be phishing for something or trying to penetrate, or put in a virus or malware.”
Therecent security breach at Yahoo has proved the president’s admonition to be true. With nearly early 1 billion customers hacked, Yahoo is experiencing widespread customer dissatisfaction and customer defection. Dissatisfied with the security breach and fearful over a loss of safety, customers have fled to other providers. Yahoo has lost over $1 billion in market capitalization and faces the prospect of Verizon renegotiating the terms of acquiring it .
Security breaches — unfortunately — are not just the bane of retailers or Silicon Valley companies. Companies in the Houston area are vulnerable as well.
According to a 2016 report, the global oil and gas security market was valued at $25.68 billion in 2015 and is estimated to reach $32.79 billion by 2020. Some of the most prominent oil and gas companies include Houston staples such as Schlumberger, Halliburton, Phillips 66, Anadarko, KinderMorgan and National Oilwell Varco. Companiesfrom other sectors include Waste Managementand BMC Software, with national and international reach.
In addition to being prominent businessto-business companies, these companies have international reach, and workclosely with clients to develop and maintain costly infrastructure. This requires complex information technology support, which is predicated on the flowof sensitive information. For example, Waste Management deals in sensitive information about specific customer accounts, while National Oilwell Varco maydeal in sensitive information about rigs and oil reservoirs.
How will Houstonbased companies fare if they face an IT security breach?
We estimated the potential cost using models developed from the CUBE S® project, a research collaborative study. This bench--
markstudymeasures customer satisfaction with several strategic areas using a sample of over 4,900 business managers.
Within the strategic area of safety, business managers rated if their supplier “ensures that customer information is secure and safe.”
They rated their satisfaction with a supplier from being “extremely dissatisfied” to “extremely satisfied.” We related this satisfaction rating to their overall opinion, which is further predictive of sales and margin.
Thebottomline—the model—showswhat would happen if a breach happened: “Extremely satisfied” customers became “extremely dissatisfied.” Foremost, a B-to-Bcompany, onaverage, would lose 32.95 percent in sales.
Weappliedthemodel to 2015 sales for different companies. According to the model, Halliburton would lose $7.77 billion in annual sales, Waste Managementwould lose $4.6 billion, and Schlumberger would lose $11.68 billion. Similarly, the loss in sales would be $4.74 billion for Kinder Morgan, $7.54 billion for National Oilwell Varco and $2.86 billion for Anadarko. Aside from the reputational consequences, the loss of jobs that stems from decreasing sales can have a severe negative effect on the Texas economy.
Amajorcomponentof strategic innovation for manyHouston-basedcompanies is based on information technology, which has increased customer satisfaction. IT breaches, however, can severely dis- satisfy customers.
Byhelping to link IT security to customer-based and finance-based metric, companies can take the first step in alerting and reminding themselves to address this issue head on.
Thesafety imperative for Houston-based companies should not just be limited to health and humansafety, but should encapsulate data and information safety.
Otherwise, werunthe risk of being Yahoo-ed! Dr. Vikas Mittal is the J. Hugh Liedtke Professor of Marketing at Rice University’s Jones Graduate School of Business, and Dr. Shrihari Sridhar is an associate professor of marketing and Center for Executive Development professor at Texas A&M University’s Mays Business School.