I know it's a number that gets calculated on cybersecurity assessment sheets, but I've never seen it being in any way connected to reality. Best I can tell, the actual reputational damage is almost universally $0. Security breaches are non-actionable oopsies - unless your product is literally preventing such breaches[0], it's going to be seen as a random event that has no bearing on customers making their purchasing decisions. After all, it could've happened to anyone, and might just as well happen to any of the competitors, and it doesn't even impact any of the subjects directly.
--
[0] - And not even then - see e.g. CrowdStrike, who're busy turning the greatest security fuckup to date into a net positive event for them.
They don’t exactly have a captive audience. Besides the corvette, their competitors pretty much universally have a drop in replacement.
Changing cars is a heck of a lot easier than a corporation ripping out software that they likely have a 3-year contract on, and would require millions in services on top of just eating the cost of the contract itself.
Only if you believe the competition isn't doing the same thing.
My bank isn't a monopoly. They provide with terrible service. (Truely terrible). Trouble is all their competitors are just as bad.
GM gets no blow-back from this. Firstly because "nobody" cares. Second because "I bet you they're all doing it" and thirdly because in 20 minutes I'll be outraged about something else. By the time I buy my next car I can't remember who had this issue, plus all the other complaints about all the other manufacturers.
If I stopped buying from every company that has, or is, behaving badly, every company that had a security breach, or contributed to the wrong politician, or hired a racist, or whatever, I'd never spend a dime.
Firstly, with respect, one purchase is not damage.
Hacking the cellular is not damage to them (you bought the car.)
But mostly, given that you have principles (which I applaud), tell me which brands you would consider. (I'm pretty sure I can Google a bad-news-day for them too.)
> Firstly, with respect, one purchase is not damage.
In so far as the sense that anecdotes are not data. To the extent that Tempest1981 is a representative sample, it is an observation of damage to the brand's reputation.
I know it's a number that gets calculated on cybersecurity assessment sheets, but I've never seen it being in any way connected to reality. Best I can tell, the actual reputational damage is almost universally $0. Security breaches are non-actionable oopsies - unless your product is literally preventing such breaches[0], it's going to be seen as a random event that has no bearing on customers making their purchasing decisions. After all, it could've happened to anyone, and might just as well happen to any of the competitors, and it doesn't even impact any of the subjects directly.
--
[0] - And not even then - see e.g. CrowdStrike, who're busy turning the greatest security fuckup to date into a net positive event for them.