The business impact of cyber incidents

Entire communities can feel the effects — and bear the costs — when cybercriminals breach a single organization. Here’s what each of us can do about it.

 

As our world becomes increasingly digitized and connected, cybercrime has emerged as one of our society’s most serious threats. Criminals continue to refine methods of infiltrating digital networks and deceiving employees at organizations, which can result in businesses being unable to operate, data being stolen and consumers losing services.

 

Increasingly, the criminals are targeting essential industries and service providers, such as hospitals, energy delivery companies, food suppliers and software companies. The cost to these organizations is immense: The average total cost to an organization of a data breach between March 2023 and February 2024 was $4.88 million — a 10% increase since the same period in 2022-2023.1

 

But this estimate does not fully account for costs to consumers, who may experience higher prices, hardship due to loss of essential services and an overall feeling of mistrust when organizations they depend on experience a breach.

 

It can be difficult to understand the seriousness of cybercrime unless we are directly affected by it. Yet it is important to recognize that as our economy becomes increasingly globalized and interconnected, no one is immune from the impacts of cyber insecurity.

Switch to Accessibility Friendly View

Furthermore, every citizen has a stake in supporting a culture of cyber awareness and defense that extends to private businesses, the public sector and our personal lives. The better the threat is understood, the more resources we have to defend against it.

 

Consumers and citizens often experience residual effects of cybercrime, even if they are far downstream from the initial breach or incident.

All industries, companies and communities are at risk for cybercrime

Cyber incidents involving large companies make headlines for good reasons: These breaches often involve the compromise of millions of customer account details or a demand for millions of dollars in ransom. But criminals are opportunistic and willing to exploit any weakness in any organization’s digital defenses if there is a potential for profit, even (and in some cases especially) when public safety will be compromised. For example, when hospitals are suddenly unable to access their servers, patient records or connected devices, patient health and privacy are at risk.

 

Cybercrimes that focus on supply chains can create effects that trickle downstream and are experienced by consumers, such as goods shortages, higher prices or interrupted services. In some cases, affected consumers and businesses may be in completely different countries. During an incident where software used by many businesses is compromised, service interruptions can happen in multiple locations.

 

Public trust is also at risk

If essential organizations and service providers experience cybercrime, consumers and constituents may experience doubt about those organizations’ security, and they may even become concerned for their own personal safety. The reputational damage that can accompany a serious breach can be severely damaging to almost any institution.

 

Yet it is important to remember that even the most robust security defenses and most diligent organizations are not immune to cybercrime. Trust is a function of a commitment to cybersecurity, which includes a high level of transparency, effective communication and rapid remediation after an incident occurs.

 

As a private citizen, you can demand accountability and responsiveness from institutions and businesses, before and after a cyber incident occurs.

How you can contribute to your community’s cybersecurity

Consumers and citizens can have an indirect impact on cybersecurity by prioritizing it. By learning about cyber best practices, we can be more proactive in making sure the organizations where we work, shop and turn to for the delivery of essentials are invested in their own security — and ours.

 

You can help build a culture of cybersecurity in several ways:

  • Support businesses and organizations that show accountability and dedicate resources to their cybersecurity practices.
  • Learn about the cybersecurity protocols of any organization where you work, volunteer or regularly attend events.
  • Follow good cyber hygiene protocols while using your personal online accounts, including social media.
  • Share good cyber practices with your family and friends.

 

Turning cybersecurity into a society-wide objective requires proactive buy-in from individual citizens, business and community leaders, educational institutions and security professionals. Keeping our core institutions and essential businesses safe is an ongoing challenge, but the more you know about digital security and how to respond to cyber incidents, the better prepared your community becomes.

 

Stay connected, stay protected

 

To help keep your Merrill account information safe and secure, make sure your contact information is up to date and set up security and account alerts so we can stay in touch. Remember, if we need to reach out to you, we’ll NEVER ask for personal or financial information or an access code through email, text or unsolicited calls. Visit our Security Center for tips on how to recognize potential scams and learn more about how to keep your accounts safe.

 

Choose your advisor in a more personalized way

All our advisors are committed to putting your needs and priorities first. Find some who match your personal preferences too.

Loading...

Try Advisor Match

Answer a few questions

Want us to contact you?

Submit a request

Phone

Loading...

Email

View your advisor

1 IBM Corporation, “Cost of a Data Breach Report 2024,” July 2024.

 

Neither Bank of America nor its affiliates provide information security or information technology (IT) consulting services. This material is provided “as is,” with no guarantee of completeness, accuracy, timeliness or of the results obtained from the use of this material, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, quality and fitness for a particular purpose. This material should be regarded as general information on information security and IT considerations and is not intended to provide specific information security or IT advice nor is it any substitute for your own independent investigations. If you have questions regarding your particular IT system or information security concerns, please contact your IT or information security advisor.

Switch to Accessibility Friendly View
How we can help

Explore what it’s like to work with a Merrill Financial Advisor

Start here

Related Articles

Be cyber secure: Hone your password-writing skills with this quiz

Read more

Be cyber secure: Do’s and don’ts for your family

Read more

Donors, beware these digital giving scams

Read more

Information for:

Corporations & Institutions Job Seekers Media & Journalists Shareholders

Get in touch:

Contact Us

Connect with ML®:

Investing involves risk. There is always the potential of losing money when you invest in securities. Past performance does not guarantee future results. Asset allocation, rebalancing and diversification do not guarantee against risk in broadly declining markets.

Merrill, its affiliates, and financial advisors do not provide legal, tax, or accounting advice. You should consult your legal and/or tax advisors before making any financial decisions.

This material is not intended as a recommendation, offer or solicitation for the purchase or sale of any security or investment strategy. Merrill offers a broad range of brokerage, investment advisory (including financial planning) and other services. Additional information is available in our Client Relationship Summary

This material does not take into account a client’s particular investment objectives, financial situations, or needs and is not intended as a recommendation, offer, or solicitation for the purchase or sale of any security or investment strategy. Merrill offers a broad range of brokerage, investment advisory (including financial planning) and other services. There are important differences between brokerage and investment advisory services, including the type of advice and assistance provided, the fees charged, and the rights and obligations of the parties. It is important to understand the differences, particularly when determining which service or services to select. For more information about these services and their differences, speak with your Merrill financial advisor.

Merrill Lynch, Pierce, Fenner & Smith Incorporated (also referred to as “MLPF&S” or “Merrill”) makes available certain investment products sponsored, managed, distributed or provided by companies that are affiliates of Bank of America Corporation (“BofA Corp.”). MLPF&S is a registered broker-dealer, registered investment adviser, Member SIPC and a wholly owned subsidiary of BofA Corp.

Insurance and annuity products are offered through Merrill Lynch Life Agency Inc., a licensed insurance agency and wholly owned subsidiary of Bank of America Corporation.

Trust, fiduciary and investment management services, including assets managed by the Specialty Asset Management team, are provided by Bank of America, N.A., Member FDIC and wholly owned subsidiary of Bank of America Corporation (“BofA Corp.”), and its agents.

Bank of America Private Bank is a division of Bank of America, N.A.

U.S. Trust Company of Delaware is a wholly owned subsidiary of Bank of America Corporation.

Banking products are provided by Bank of America, N.A. and affiliated banks, Members FDIC and wholly owned subsidiaries of Bank of America Corporation.

Investment, insurance and annuity products:

Are Not FDIC Insured Are Not Bank Guaranteed May Lose Value
Are Not Deposits Are Not Insured by Any Federal Government Agency Are Not a Condition to Any Banking Service or Activity
© Bank of America Corporation. All rights reserved.

Patent: patents.bankofamerica.com

6950500-EXP-2026-03-16
X

You need to answer some questions first

Then we can provide you with relevant answers.

Get started