Social Responsibility Helps Win Against Cyber Risk
When businesses do not take their vows to address environmental, cultural, social and political issues seriously they could be putting a target on their backs for hackers and placing their firms at greater risking of cyber attacks.
That’s according to a recent study by the University of Delaware which showed that when companies engage in so-called “greenwashing” tactics, they are more likely to draw the ire of hackers, resulting in increased risk of data breach and other types of cyber intrusions. As a result, hackers are getting more adept at “sniffing out” companies that claim to care about social responsibility, but in fact have a history of poor corporate social responsibility practices, such as subpar employee relations, product safety concerns and involvement in an environmental controversy, the study said.
“It seems that hackers have taken on a role as cyber activists, by targeting firms that are disingenuous toward social responsibility,” said John D’Arcy, a professor of accounting and management information systems in the University of Delaware’s Lerner College of Business and Economics.
D’Arcy warns that companies should be cautious about promoting what he terms “peripheral” corporate responsibility practices — sometimes called “greenwashing”– if they have otherwise poor records on corporate social issues. Peripheral actions are seen as a firm attempting to give the appearance of social responsibility without infusing such practices throughout their entire organization. Examples of peripheral practices might include charitable donations or recycling.
In contrast, diversity initiatives and making eco-friendly products are examples of socially responsible practices that are seen as embedded throughout a firm’s core business.
D’Arcy has cited hacks against the World Health Organization around its actions related to the COVID-19 pandemic as an example. He cites Walmart as a firm that has been accused of greenwashing for touting its investments in charitable and environmental causes while at the same time it is being criticized for paying low wages and neglecting investments in working environments.
On the other hand, the study found that firms that have more meaningful corporate responsibility practices face a lower risk of hacks and data breaches.
The study, Too Good to Be True: Firm Social Performance and the Risk of Data Breach, also found that hackers targeting firms with “greenwashing” practices, may include internal disgruntled employees as well as external hacktivist groups.