Economic Aspects of Cyber Security: Socio-Financial Consequences of Cyber Attacks

Nikola Vidović; Hatidža Beriša

doi:10.18485/fb_ijcss.2025.1.2.7

Authors

Nikola Vidović University of Belgrade, Faculty of Security Studies, Belgrade, Serbia Author
Hatidža Beriša University of Defence, Military Academy, Belgrade – Republic of Serbia Author

DOI:

https://doi.org/10.18485/fb_ijcss.2025.1.2.7

Keywords:

cybersecurity, cyber attacks, economy, consequences, finance

Abstract

The economic impacts of cyberattacks on firms, financial institutions, public authorities, and critical infrastructure between 2009 and 2024 were systematically analysed using a sample of 31 publicly documented incidents. The analysis quantified direct financial losses, indirect business disruptions, and broader socio-financial consequences. The median direct losses per incident were approximately $0.4 million, while extreme cases ranged from several hundred million to billions of dollars, in some cases equivalent to 2–2.5% of national GDP. The results confirm that cyber incidents generate multi-layered economic effects, disproportionately affecting highly interconnected sectors such as finance, healthcare, and critical infrastructure. Indirect and systemic losses – including reputational damage, legal liabilities, and erosion of consumer confidence – often exceeded the direct costs of remediation. The study highlights the importance of integrating cybersecurity into economic policy, corporate governance, and risk management strategies to mitigate these macroeconomic and firm-level vulnerabilities.

Downloads

Download data is not yet available.

References

1. Agrafiotis, I., Nurse, J. R., Goldsmith, M., Creese, S., & Upton, D. (2018). A taxonomy of cyber-harms: Defining the impacts of cyber-attacks and understanding how they propagate. Journal of Cybersecurity, 4(1).

2. Bederna, Z. and Szádeczky, T. (2023) ‘Managing the financial impact of cybersecurity incidents’, Security and Defence Quarterly, 41(1). Retrieved from: doi: 10.35467/sdq/159625.

3. Cashell, B., Jackson, W. D., Jickling, M., & Webel, B. (2004). The economic impact of cyber-attacks. Congressional Research Service documents, CRS RL32331 (Washington DC), 2.

4. Chin, K. (2024). The Impact of Cybercrime on the Economy, UpGuard, Retrieved from: https://www.upguard.com/blog/the-impact-of-cybercrime-on-the-economy.

5. Cobos, E.V. (2024). Cybersecurity economics for Emerging Markets. Washington, DC: World Bank. Retrieved from: doi:10.1596/978-1-4648- 2120-2.

6. Cobos, V., Belen., E., Selcen, C. (2024). A Review of the Economic Costs of Cyber Incidents. Washington, D.C.: World Bank Group. Retrieved from: http://documents.worldbank.org.

7. Cvetković, V. M., Aleksov, B., Renner, R., Gаčić, J., Ivanov, A., & Milašinović, S. (2025). Community-based disaster risk reduction: Overcoming barriers to build stronger communities. International Journal of Disaster Risk Management, 7(2), 1.

8. Dada, K. S. J., Mohammed, H. A., & Quadir, R. O. (2025). Disaster risk management in academic institutions: An assessment of preparedness and recovery at Kashim Ibrahim Library, Nigeria. International Journal of Contemporary Security Studies, 1(1), 1–15.

9. Dada, K. S. J., Mohammed, H. A., Mallam, D., & Ajayi, E. O. (2025). Security of information resources in Federal College of Education libraries in Northwest Nigeria. International Journal of Contemporary Security Studies, 1(1), 85–98.

10. Dhillon, G. (2015). What to do before and after a cybersecurity breach. American University, Washington, DC, Kogod Cybersecurity Governance Center.

11. Fielder, A., König, S., Panaousis, E., Schauer, S., & Rass, S. (2018). Risk assessment uncertainties in cybersecurity investments. Games, 9(2), 34.

12. Fotis, F. (2024). Economic Impact of Cyber Attacks and Effective Cyber Risk Management Strategies: A light literature review and case study analysis. Procedia Computer Science, 251, 471-478.

13. Garba, T. M., & Akaan, R. (2025). The Socioeconomic and Psychological Implications of Polygamy: A Quantitative and Qualitative Analysis Concerning Disaster Risk Reduction and Management (DRRM) in Nigeria. International Journal of Contemporary Security Studies, 1(1), 25–34.

14. George, A. S., Baskar, T., & Srikaanth, P. B. (2024). Cyber threats to critical infrastructure: assessing vulnerabilities across key sectors. Partners Universal International Innovation Journal, 2(1), 51-75. Retrieved from: https://doi.org/10.5281/zenodo.10639463.

15. IBM Corporation (2024). Cost of a Data Breach Report. Retrieved from: https://www.ibm.com/downloads/documents/us-en/107a02e94948f4ec.

16. International Chamber of Commerce (2024). Protecting the cybersecurity of critical infrastructure and their supply chains.

17. International Monetary Fund (2024). Global Financial Stability Report, The Last Mile: Financial Vulnerabilities and Risks.

18. International Telecommunication Union (2024). Global Cybersecurity Index 2024, 5th Edition. Telecommunication Development Bureau, Switzerland. Retrieved from: https://www.itu.int/dms_pub/itu-d/opb/hdb/d-hdb-gci.01-2024-pdf-e.pdf.

19. Ismail, M. (2017). Sony Pictures and the U.S. Federal Government: A Case Study Analysis of the Sony Pictures Entertainment Hack Crisis Using Normal Accidents Theory, University of Southern Mississippi. Retrieved from: https://aquila.usm.edu.

20. Issayevaa, G. K., Zhussipovaa, E. E., Aitymbetovaa, A. N., Kuralbayevab, A. S., & Abdykulovaa, D. B. (2023). The Impact of Cybersecurity Breaches on Firm’s Market Value: the Case of the USA. Retrieved from: https://doi.org/10.51176/1997-9967-2023-4-200-219.

21. Janković, L., Cvetković, V. M., Gačić, J., Renner, R., & Jakovljević, V. (2025). Integrating psychosocial support into emergency and disaster management and public safety: The role of the Red Cross of Serbia. International Journal of Contemporary Security Studies, 1(1), 99–124.

22. Jeimy, J., Cano, M. (2023). Flexi-a conceptual model for enterprise cyber resilience. Procedia Computer Science, 219, 11-19.

23. Jimmy, F. (2024). Assessing the Effects of Cyber Attacks on Financial Markets. Journal of Artificial Intelligence General Science (JAIGS) ISSN:3006-4023, 6(1), 288–305. Retrieved from: https://doi.org/10.60087/jaigs.v6i1.254.

24. Jørgensen, E. U. (2018). The stakeholder attributions of corporate crisis responsibility following a cyber attack. Retrieved from: https://research-api.cbs.dk/ws/portalfiles/portal/59754091/427671_Elisabeth_Jorgensen_digital.pdf

25. Kamiya, S., Kang, J.K., Kim, J., Milidonis, A., Stulz, R. (2018). What is the Impact of Successful Cyberattacks on Target Firms?, NBER Working Papers 24409, National Bureau of Economic Research, Inc.

26. Kuzior, A., Brożek, P., Kuzmenko, O., Yarovenko, H., & Vasilyeva, T. (2022). Countering cybercrime risks in financial institutions: Forecasting information trends. Journal of Risk and Financial Management, 15(12), 613.

27. Kuzior, A., Tiutiunyk, I., Zielińska, A., & Kelemen, R. (2024). Cybersecurity and cybercrime: Current trends and threats. Journal of International Studies, 17(2), 220 239. Retrieved from: doi:10.14254/2071-8330.2024/17-2/12.

28. Lee, I. (2021). Cybersecurity: Risk management framework and investment cost analysis. Business Horizons, 64(5), 659-671. Retrieved from: https://doi.org/10.1016/j.bushor.2021.02.022.

29. Lis, P., Mendel, J. (2019). Cyberattacks on critical infrastructure: An economic perspective. Economics and Business Review, Vol. 5 (19), No. 2, 2019: 24-47. Retrieved from: DOI: 10.18559/ebr.2019.2.2.

30. Metić, A. (2025). The Significance and Role of Police Officers in Building the School as a Safe Environment for All Students. International Journal of Contemporary Security Studies, 1(1), 17–24.

31. Onunka, O., Alabi, A. M., Okafor, C. M., Obiki-Osafiele, A. N., Onunka, T., Daraojimba, C. (2023). Cybersecurity in US and Nigeria banking and financial institutions: review and assessing risks and economic impacts. Acta Informatica Malaysia, 7(1): 54-62. Cybersecurity Risk Assessment in Smart City. Retrieved from: DOI: http://doi.org/10.26480/aim.01.2023.54.62.

32. Popović Mančević, M. (2025). Non-Traditional Roles of Military Actors: NATO’s Engagement in Natural Disaster Response. International Journal of Contemporary Security Studies, 1(1), 75–84.

33. Putnik, N. (2022). Cyber War and Cyber Peace, Belgrade: Akademska misao: University, Faculty of Security.

34. Putnik, N., Milošević, M., Cvetković, V. (2022). Ransomware as a security threat – social and criminal law aspects. Sociological Review, vol. LVI (2022), no. 1, pp. 328–353.

35. Ryan, E., Soderber, M. (2024). A Victim or Not? A quantitative experimental study of a cyber attack crisis’ effect on public attitudes toward an organization and on the organization’s reputation. Department of Strategic Communication, Lund University Libraries, Sweden. Retrieved from: http://lup.lub.lu.se/student-papers/record/9154741.

36. Saeed, S., Altamimi, S. A., Alkayyal, N. A., Alshehri, E., & Alabbad, D. A. (2023). Digital transformation and cybersecurity challenges for businesses resilience: Issues and recommendations. Sensors, 23(15), 6666. Retrieved from: https://doi.org/10.3390/s23156666

37. Schwarz, M., Marx, M., & Federrath, H. (2021). A structured analysis of information security incidents in the maritime sector. arXiv preprint arXiv:2112.06545.

38. Seng, Y. J., Cen, T. Y., bin Mohd Raslan, M. A. H., Subramaniam, M. R., Xin, L. Y., Kin, S. J., Long, M. S., Sindiramutty, S. R. (2024). In-Depth Analysis and Countermeasures for Ransomware Attacks: Case Studies and Recommendations. Retrieved from: doi: 10.20944/preprints202408.2261.v1.

39. Sherr, I., Wingfield, N. (2011). Play by play: Sony’s struggles on breach. Wall Street Journal. Retrieved from: https://www.wsj.com.

40. Slavković, A., Slavković, N., Zajić, G., Kostić, S. (2023). Digital transformation, artificial intelligence and internet of things as a support for new insurance industry systems. Challenges and insurance market’s responses to the economic crisis, Belgrade : University of Belgrade, Faculty of economics and business, Publishing centre, 419-438.

41. Steinberg, S., Stepan, A., Neary, K. (2021). NotPetya: A Columbia University Case Study, Columbia University: Columbia’s School of International and Public Affairs (SIPA) Picer Center Digital Education Group.

42. Sunny, A. (2024). A study on financial cyber-crimes, trends, patterns, and its effects in the economy. Addict Criminol. 7(1):186.

43. Tarter, A. (2017). Importance of cyber security. Community Policing-A European Perspective: Strategies, Best Practices and Guidelines, 213-230.

44. Thakur, M. (2024). Cyber security threats and countermeasures in digital age. Journal of Applied Science and Education (JASE), 4(1), 1-20.

45. ThankGod, J. (2024). Cyber Heists and Trade Turmoil: Uncovering the Economic Impact of Cybersecurity Breaches on Global Commerce. Retrieved from: http://dx.doi.org/10.2139/ssrn.4858710

46. Valackienė, A., Odejayi, R. O. (2024). The impact of cyber security management on the digital economy: multiple case study analysis. Intellectual Economics, 18(2), 261-283. Retrieved from: doi10.13165/IE-24-18-2-02.

47. Vidović, N., & Beriša, H. (2025). Economic aspects of cyber security: Socio-financial consequences of cyber attacks. International Journal of Contemporary Security Studies, 1(1), 149–162.

48. Vidović, N., Beriša, H. & Cvetković, M. V. (2024). Optimising Disaster Resilience Through Advanced Risk Management and Financial Analysis of Critical Infrastructure in the Serbian Defence Industry, International Journal of Disaster Risk Management, Vol. 6 (2024) No. 2, Article 12 (p. 183–199), Retrieved from: https://doi.org/10.18485/ijdrm.2024.6.2.12

49. Weng, Y., Wu, J. (2024). Fortifying the global data fortress: a multidimensional examination of cybersecurity indexes and data protection measures across 193 nations. International Journal of Frontiers in Engineering Technology, 6(2), 13-28.

50. World Economic Forum (2024). Global Cybersecurity Outlook 2024, Insight report. Retrieved from: https://www3.weforum.org.

51. World Economic Forum (2025). Global Cybersecurity Outlook 2025, Insight report. Retrieved from: https://reports.weforum.org.

52. Zadorozhnyi, Z. M., Muravskyi, V., Shevchuk, O., & Bryk, M. (2021). Innovative accounting methodology of ensuring the interaction of economic and cybersecurity of enterprises.

Economic Aspects of Cyber Security: Socio-Financial Consequences of Cyber Attacks

Authors

DOI:

Keywords:

Abstract

Downloads

References

Downloads

Published

Issue

Section

License

How to Cite

Similar Articles

Most read articles by the same author(s)

Make a Submission

Publisher - Faculty of Security Studies, University of Belgrade

Explore IJCSS

Latest publications

Information