Presented at
Black Hat Asia 2021 Virtual,
May 6, 2021, 10:20 a.m.
(40 minutes)
<p>By common sense, we know that security vulnerabilities, data breaches, ransomware, privacy concerns and state-sponsored attacks impact negatively on the stock prices of public companies, but to what extent? How quickly will they recover? And, which sectors or industries are the most affected?<br><br>To answer the aforementioned questions, in this talk I'll present some assumptions that resulted from the data compilation and analysis of (in)famous security issues that affected stock prices. For instance, I’ll review some of the recent hacks, such as the SolarWinds ($SWI) breach, that affected many other companies, including FireEye ($FEYE). Also, I will discuss how much time it took to recover from important data breaches, such as the ones in Equifax ($EFX), Home Depot ($HD) and in multiple financial entities. When it comes to vulnerabilities, we’ll see the impact in the stock price by critical-risk vulnerabilities such as Meltdown in Intel ($INTC) chips and in the autopilot feature of Tesla ($TSLA) cars. Privacy concerns vs Facebook’s ($FB) stock price will be discussed as well.<br> <br>The core of this talk is key points that explain which security-related issues are more impactful against the stock prices as well as other conclusions such as which sectors/industries are the most impacted and the time it takes for stocks to recover. This will help you not to panic when you hear in the news "the stock plunged after a security vulnerability was reported". After this talk, you will understand better how impactful cybersecurity-related issues really are, and you’ll have some reference figures for the future in case you invest/trade in stocks, so you’ll know when it’s the right time to buy/sell. </p>
Presenters:
-
Alejandro Hernández
- Sr. Consultant, IOActive
Alejandro Hernandez is a security consultant who works for IOActive, where he has had the chance to work in Fortune 500 companies around the world. As a research enthusiast, he had the chance to present in Black Hat Arsenal: in 2011, DotDotPwn (directory traversal fuzzer), and in 2014, Melkor (ELF file format fuzzer). He has also been a speaker in other conferences such as DEF CON (Village), AppSec USA, BruCON (Belgium) and CODE BLUE (Japan). Involved in stock trading since 2013, he has been bridging cybersecurity with money markets for the last couple of years. In 2018, he presented vulnerabilities in trading technologies at Black Hat USA 2018.
Links:
Similar Presentations: