Breach of major data center provider poses financial risk not just to Equinix, but to any company that relies on it to power their own business

Summary

$67bn data center giant Equinix was hit by a ransomware attack last week, the latest example of the vulnerabilities facing critical digital infrastructure in 2020.

Per a company statement on 13 September: “At this time, our investigation is centered on information related to our internal business. The incident continues to have no impact on our customers’ operations or the data on their equipment at Equinix.”

Report

Analysis

A large data center provider like Equinix is critical digital infrastructure today, along with cloud providers and managed service providers. As we wrote in the wake of the Cognizant breach, at a systemic level, vulnerabilities in a critical digital service provider (like a data center or services provider) create a heightened risk for all companies that rely on the company for aspects of their digital transformations.

In short, shortfalls in the security posture of a company like Equinix can create vulnerabilities for any company that relies upon it for aspects of digital transformation programs—from digital strategy and IOT to cloud enablement. This poses a risk not just to the shareholders of the service provider but to the shareholders of companies whose operations are disrupted by such a breach. A core role of a data center operator’s business is to protect the data it hosts. Shareholders would be prudent to ask the question of Equinix’s Management team: “How well or poorly is the company doing in protecting its data and that of its customers? What proof do we have, absent a known breach?”

One step removed, shareholders of any company that experiences a breach in its digital infrastructure—for example, a Salesforce that utilizes Equinix data centers—should be able to obtain objective information about how Salesforce may have been impacted. Investors expect the same in every other facet of financial risk. For example, a production delay or safety flaw in a Boeing jet leads to questions from and analysis by shareholders of airlines relying upon Boeing to deliver its product, as this impacts the airlines ability to generate revenue and profit. The same is true of digital infrastructure.

Additionally, there is the issue of data disclosure. Short of regulation requiring better data security disclosure standards, customers and the market have no choice but to take breached companies at their word when they say “the incident continues to have no impact on our customers’ operations or the data on their equipment at X company…”

Considering the financial risk of mismanaged technology and the fact that companies generally do a poor job preventing breaches, it is long overdue for common, transparent cybersecurity metrics that enable both the C-suite and shareholders to understand how well or poorly technology is being managed.

Close

Instantly download research in our library and be the first to get access to new content

Denis Bolshakov

Log out

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website