{"id":16588,"date":"2023-10-06T17:22:34","date_gmt":"2023-10-06T17:22:34","guid":{"rendered":"https:\/\/mysourcefunding.com\/leadership\/clorox-crisis-shows-cyber-risks-harsh-business-downside\/"},"modified":"2023-10-06T17:22:36","modified_gmt":"2023-10-06T17:22:36","slug":"clorox-crisis-shows-cyber-risks-harsh-business-downside","status":"publish","type":"post","link":"https:\/\/mysourcefunding.com\/?p=16588","title":{"rendered":"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside"},"content":{"rendered":"<div>\n<p>The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on the 2023 <em>Forbes<\/em> Most Cybersecure Companies list. Nonetheless, an August breach halted its operations with devastating supply chain and business consequences.<\/p>\n<p>While the cybercrime details remain unclear, Clorox disclosed that it was forced back to manual processes, as automation systems took nearly six weeks to normalize. That left retailers and consumers scrambling for merchandise. In terms of the financial aftermath, its preliminary FY2024 Q1 results suffered significantly:<\/p>\n<ul>\n<li>\u201cOrder processing delays and significant product outages\u201d dented quarterly sales by 28%.<\/li>\n<li>Lower gross margins are anticipated, as \u201cthe impact of the cybersecurity attack more than offset the benefits of pricing, cost savings and supply chain optimization [and] lower cost absorption driven by lower volume.\u201d<\/li>\n<li>Quarterly earnings per share will show a loss rather than positive result.<\/li>\n<li>Remediation efforts and expenditures will extend well into FY 2024.<\/li>\n<\/ul>\n<p>The capital markets have not responded kindly, as Clorox shares are down over 25% since the August news, trading at or near five-year lows. That\u2019s over $3 billion in lost market valuation.<\/p>\n<p>The damage is measurable and the lessons should be clear. As cyber threats surge, the alarming scale, speed and scope of the upheaval at Clorox should motivate senior leaders in all organizations to question, assess and fortify business resilience, operational agility and technological readiness \u2014 <em>before it\u2019s too late<\/em>.<\/p>\n<p><fbs-ad position=\"inread\" progressive=\"\" ad-id=\"article-0-inread\" aria-hidden=\"true\" role=\"presentation\"><\/fbs-ad><\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Fight Fire With Fire<\/h2>\n<p>While no company is immune to cyber risk, strong, substantive digital era leadership is widely lacking. Here are four immediate, meaningful actions organizations can take to boost business resilience:<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">1. <strong>Seriously address board composition.<\/strong><\/h3>\n<p>The SEC\u2019s long-awaited cybersecurity regulations exclude board tech expertise. Not surprisingly, cyber expertise on boards remains rare. According to recent research by the Wall Street Journal, only \u201c107 directors at 113 [S&amp;P 500] companies had professional experience in cybersecurity.\u201d Further, those leaders \u201cheld a total of 124 [2.3%] of S&amp;P 500 board seats.\u201d<\/p>\n<p>Clorox was no exception. Astonishingly, despite the ongoing cyber crisis, its 2023 Proxy Statement reveals no plans for a board technology committee and none of the twelve seated and nominated directors has any credible tech experience. One member, Julia Denman, works in Microsoft\u2019s audit and finance function. However, tech firm employment does not constitute the background cyber threats demand.<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">2. Equip the board with independent insights.<\/h3>\n<p>Chris Hetner, former senior cybersecurity advisor to SEC Chairs Mary Jo White and Jay Clayton and currently Nasdaq Center for Board Excellence Insights Council member and senior cyber risk advisor to the National Association of Corporate Directors (NACD), advocates mirroring risk transfer market methodologies. For instance, the NACD endorsed X-Analytics as the preferred boardroom cyber risk reporting solution for their over 23,000 members. X-Analytics is a patented and validated cyber risk decisioning platform that ties an enterprise\u2019s cyber risk probability, severity and control effectiveness to financial loss probabilities.<\/p>\n<p>Hetner explained, \u201cClorox\u2019s shutdown reinforces that cybersecurity threats introduce business, operational and financial harm. Now\u2019s the time to deliver effective executive and boardroom reporting that expresses cyber threats and resilience strategies through the business lens.\u201d<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">3. <strong>Set business interruption tolerance and deploy capital accordingly.<\/strong><\/h3>\n<p>Hetner urges boards to re-center cybersecurity discussions on \u201cthe financial and business impact associated with each digital risk type, such as intellectual property theft, business interruption, ransomware, loss of customer data or misappropriation of funds. That immediately connects continuous cyber risk assessment to strategy and balance sheet stress.\u201d<\/p>\n<p>He suggested that cybersecurity consideration start with how much business interruption an enterprise is willing to tolerate. Boards, CEOs and CFOs must first understand the costs of a \u201csix hour, daylong or weeklong\u201d shutdown. Accepting that downside then more easily defines the justifiable capital allocation for adequate countermeasures,\u201d Hetner explained.<\/p>\n<p>That\u2019s thinking differently \u2014 <em>with a much higher chance of better outcomes<\/em>. \u201cThe default tendency of CIOs and CISOs is to rely on periodic tactical and technical reports to justify tech solutions spending that may suppress risk,\u201d Hetner highlighted. \u201cThat too often gets \u2018lost in translation\u2019 when engaging board members and the wider c-suite \u2014 leaving leadership unsure of precisely what they are funding and where residual gaps remain.\u201d<\/p>\n<p>Hetner emphasized, \u201cWhen a leadership team possesses an aggregate view of risk tied to financial exposure, they can then best decide how much risk to accept, transfer or deploy capital to manage.\u201d That downside-first view raises cybersecurity from a technical afterthought to the business strategy forefront.<\/p>\n<h3 class=\"subhead3-embed color-body bg-base font-accent font-size text-align\">4. Simulate cyberattack responses.<\/h3>\n<p>Last year, CNBC\u2019s CFO Council Summit attendees participated in a ransomware attack simulation. Most senior executives felt quite unprepared, scrambled for legal advice and all paid the ransom. Noname Security CISO Karl Mattson observed. \u201cThe CFOs really struggled with calculating the break-even point of \u2018to pay or not to pay. In our simulation, we realized that our business really does have a threshold of pain and lost revenue, above which the ransom payment is entirely rational. We had to build that cost\/loss model on the fly.\u201d<\/p>\n<p>In the Clorox case, SafeBreach CISO Avishai Avivi, told IndustryWeek, \u201cThe fact that it will take Clorox more than a month to recover normal operations is not a good sign. It indicates to me that the adversary was able to penetrate the backbone of Clorox operations and impact multiple systems.\u201d<\/p>\n<p>He added, \u201cWhile Clorox indicated in their August notification that they have activated their business continuity plan (BCP), the fact that they have still not recovered full operational capability indicates that their BCP was not complete for this particular type of disruption. A good BCP [includes] a recovery time objective (RTO). It is very rare that an RTO will be longer than a month.\u201d<\/p>\n<p>Most executives stand unready to credibly make such estimates. <em>That\u2019s because few have ever challenged themselves with realistic simulations.<\/em><\/p>\n<h2 class=\"subhead-embed color-accent bg-base font-accent font-size text-align\">Roll The Bones<\/h2>\n<p>Cyber criminals are targeting larger and seemingly more secure targets daily. Even well-funded and highly-touted Clorox was not ready, willing and able enough to withstand its breach. <em>Who else is relying on chance over serious change?<\/em><\/p>\n<\/div>\n<p>Read the full article <a href=\"https:\/\/www.forbes.com\/sites\/noahbarsky\/2023\/10\/06\/clorox-crisis-shows-cyber-risks-harsh-business-downside\/\" target=\"_blank\" rel=\"noopener\">here<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on the 2023 Forbes Most Cybersecure Companies list. Nonetheless, an August breach halted its operations with devastating supply chain and business consequences. While the cybercrime details remain unclear, Clorox disclosed that it was [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":16589,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"content-type":"","footnotes":""},"categories":[76],"tags":[],"class_list":{"0":"post-16588","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-leadership"},"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside | Brandiary<\/title>\n<meta name=\"description\" content=\"The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mysourcefunding.com\/?p=16588\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside | Brandiary\" \/>\n<meta property=\"og:description\" content=\"The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mysourcefunding.com\/?p=16588\" \/>\n<meta property=\"og:site_name\" content=\"Brandiary\" \/>\n<meta property=\"article:published_time\" content=\"2023-10-06T17:22:34+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-10-06T17:22:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/10\/1696612955_0x0.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"800\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"News Room\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"News Room\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/mysourcefunding.com\/?p=16588#article\",\"isPartOf\":{\"@id\":\"https:\/\/mysourcefunding.com\/?p=16588\"},\"author\":{\"name\":\"News Room\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4\"},\"headline\":\"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside\",\"datePublished\":\"2023-10-06T17:22:34+00:00\",\"dateModified\":\"2023-10-06T17:22:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/mysourcefunding.com\/?p=16588\"},\"wordCount\":1011,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/mysourcefunding.com\/#organization\"},\"articleSection\":[\"Leadership\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/mysourcefunding.com\/?p=16588#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/mysourcefunding.com\/?p=16588\",\"url\":\"https:\/\/mysourcefunding.com\/?p=16588\",\"name\":\"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside | Brandiary\",\"isPartOf\":{\"@id\":\"https:\/\/mysourcefunding.com\/#website\"},\"datePublished\":\"2023-10-06T17:22:34+00:00\",\"dateModified\":\"2023-10-06T17:22:36+00:00\",\"description\":\"The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on\",\"breadcrumb\":{\"@id\":\"https:\/\/mysourcefunding.com\/?p=16588#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/mysourcefunding.com\/?p=16588\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/mysourcefunding.com\/?p=16588#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/mysourcefunding.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/mysourcefunding.com\/#website\",\"url\":\"https:\/\/mysourcefunding.com\/\",\"name\":\"Brandiary\",\"description\":\"Latest Business and Startup News and Updates\",\"publisher\":{\"@id\":\"https:\/\/mysourcefunding.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/mysourcefunding.com\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/mysourcefunding.com\/#organization\",\"name\":\"Brandiary\",\"url\":\"https:\/\/mysourcefunding.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png\",\"contentUrl\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png\",\"width\":381,\"height\":100,\"caption\":\"Brandiary\"},\"image\":{\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4\",\"name\":\"News Room\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/mysourcefunding.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png\",\"contentUrl\":\"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png\",\"caption\":\"News Room\"},\"sameAs\":[\"https:\/\/mysourcefunding.com\"],\"url\":\"https:\/\/mysourcefunding.com\/?author=1\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside | Brandiary","description":"The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mysourcefunding.com\/?p=16588","og_locale":"en_US","og_type":"article","og_title":"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside | Brandiary","og_description":"The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on","og_url":"https:\/\/mysourcefunding.com\/?p=16588","og_site_name":"Brandiary","article_published_time":"2023-10-06T17:22:34+00:00","article_modified_time":"2023-10-06T17:22:36+00:00","og_image":[{"width":1200,"height":800,"url":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/10\/1696612955_0x0.jpg","type":"image\/jpeg"}],"author":"News Room","twitter_card":"summary_large_image","twitter_misc":{"Written by":"News Room","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mysourcefunding.com\/?p=16588#article","isPartOf":{"@id":"https:\/\/mysourcefunding.com\/?p=16588"},"author":{"name":"News Room","@id":"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4"},"headline":"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside","datePublished":"2023-10-06T17:22:34+00:00","dateModified":"2023-10-06T17:22:36+00:00","mainEntityOfPage":{"@id":"https:\/\/mysourcefunding.com\/?p=16588"},"wordCount":1011,"commentCount":0,"publisher":{"@id":"https:\/\/mysourcefunding.com\/#organization"},"articleSection":["Leadership"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/mysourcefunding.com\/?p=16588#respond"]}]},{"@type":"WebPage","@id":"https:\/\/mysourcefunding.com\/?p=16588","url":"https:\/\/mysourcefunding.com\/?p=16588","name":"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside | Brandiary","isPartOf":{"@id":"https:\/\/mysourcefunding.com\/#website"},"datePublished":"2023-10-06T17:22:34+00:00","dateModified":"2023-10-06T17:22:36+00:00","description":"The Clorox cyberattack crisis warrants every board\u2019s attention. The consumer-products giant spent over $500 million on IT upgrades and earned a spot on","breadcrumb":{"@id":"https:\/\/mysourcefunding.com\/?p=16588#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mysourcefunding.com\/?p=16588"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/mysourcefunding.com\/?p=16588#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mysourcefunding.com\/"},{"@type":"ListItem","position":2,"name":"Clorox Crisis Shows Cyber Risk\u2019s Harsh Business Downside"}]},{"@type":"WebSite","@id":"https:\/\/mysourcefunding.com\/#website","url":"https:\/\/mysourcefunding.com\/","name":"Brandiary","description":"Latest Business and Startup News and Updates","publisher":{"@id":"https:\/\/mysourcefunding.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mysourcefunding.com\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mysourcefunding.com\/#organization","name":"Brandiary","url":"https:\/\/mysourcefunding.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/","url":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png","contentUrl":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/b-logo-1.png","width":381,"height":100,"caption":"Brandiary"},"image":{"@id":"https:\/\/mysourcefunding.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/mysourcefunding.com\/#\/schema\/person\/5062dafb0f932b59aa228f1a047332f4","name":"News Room","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mysourcefunding.com\/#\/schema\/person\/image\/","url":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png","contentUrl":"https:\/\/mysourcefunding.com\/wp-content\/uploads\/2023\/06\/avatar_user_1_1688031660-96x96.png","caption":"News Room"},"sameAs":["https:\/\/mysourcefunding.com"],"url":"https:\/\/mysourcefunding.com\/?author=1"}]}},"_links":{"self":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts\/16588","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16588"}],"version-history":[{"count":1,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts\/16588\/revisions"}],"predecessor-version":[{"id":16590,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/posts\/16588\/revisions\/16590"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=\/wp\/v2\/media\/16589"}],"wp:attachment":[{"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16588"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16588"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mysourcefunding.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16588"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}