IN FOCUS6-8 min read

How cyber risk has changed post Covid

How cyber fraudsters are raising their game, why investors should care and what companies should do.



Vicki Owen
Senior Content Strategist

It might not be surprising that cyber criminals have taken advantage of coronavirus and the rush to remote working. The age of cyber warfare was upon us even before the crisis.

New research suggests online fraudsters are boosting their attacks at an alarming pace, and it’s thought multimillion dollar ransoms could be at stake.

Interpol, the inter-governmental organisation which helps police in 194 member countries, has assessed cyber crime since the Covid-19 pandemic. It has reported that criminals have shifted their targets to big firms, governments and infrastructure.

Meanwhile PwC’s Threat Intelligence team found that by 20 May this year more than 150 organisations globally had their data published on leak sites. More than 60% occurred after 11 March when the World Health Organisation first declared the Covid outbreak to be a pandemic.

Garmin, the smart-watch maker, camera-maker Canon, and technology giant Intel are among recently-reported victims of hacking.

Andrew Howard, Global Head of Sustainable Investment at Schroders, says the crisis is “accelerating a shift in business models, which exacerbates the threats”.

He adds: “Our own analysis shows increased cyber attacks registered by US enforcement agencies, for example. Failure to manage that risk could prove fatal to companies in a world where regulations and fines for breaches are becoming punitive.

“As an active investor, we will continue to actively question those we believe are falling short of expectations.”

Our Sustainable Investment Analyst Ovidiu Patrascu explains in more detail.

Why should investors care about increased cyber attacks?

"Cyber is an increasingly critical source of business risk, especially for companies with important intangible assets such as brands, customer relationships or technology. The negative impact a data breach can have on a brand links straight to a company's competitiveness, future revenues and future cash flows.

"Data breaches often uncover poor governance practices and weak management. Changing people or policies is quick but re-establishing market and customer trust take much longer."

How does targeted company engagement help tackle cyber crime risks?

"In our view, investors should focus on understanding how well a company prepares for cyber events. The depth of its approach should give confidence that when (not if) a breach occurs, processes and resources are in place to minimise the impact.

"Building that understanding means going beyond a formulaic assessment of policies. We believe direct company engagements are the best way to gain insights. We have delved into the topic focusing on a few main areas – governance, expertise and technology. We have engaged with Chief Information Security Officers (CISO) or Data Protection Officers (DPOs) across sectors such as financial services, technology and telecoms."

What should companies be doing to minimise risks of cyber crime?

"It is critical that the company has a well-resourced and specialised cyber security team, managed by a CISO or DPO, preferably reporting to the CEO or the board. The security team should also leverage specialised external expertise on a regular basis to stay on top of new threats and security tools. Internally, the team should have direct ownership of specific technological tasks such as penetration testing, a simulated cyber attack.

"The board should have specific expertise to evaluate whether the company has the appropriate operational and managerial resources to mitigate cyber risk."

Important information

The views and opinions contained herein are those of Schroders’ investment teams and/or Economics Group, and do not necessarily represent Schroder Investment Management North America Inc.’s house views. These views are subject to change. This information is intended to be for information purposes only and it is not intended as promotional material in any respect.


Vicki Owen
Senior Content Strategist


In focus
Market views
Andrew Howard

Please consider a fund's investment objectives, risks, charges and expenses carefully before investing. The Schroder mutual funds (the “Funds”) are distributed by The Hartford Funds, a member of FINRA. To obtain product risk and other information on any Schroders Fund, please click the following link. Read the prospectus carefully before investing. To obtain any further information call your financial advisor or call The Hartford Funds at 1-800-456-7526 for Individual Investors.  The Hartford Funds is not an affiliate of Schroders plc.

Schroder Investment Management North America Inc. (“SIMNA”) is an SEC registered investment adviser, CRD Number 105820, providing asset management products and services to clients in the US and registered as a Portfolio Manager with the securities regulatory authorities in Canada.  Schroder Fund Advisors LLC (“SFA”) is a wholly-owned subsidiary of SIMNA Inc. and is registered as a limited purpose broker-dealer with FINRA and as an Exempt Market Dealer with the securities regulatory authorities in Canada.  SFA markets certain investment vehicles for which other Schroders entities are investment advisers.

Schroders Capital is the private markets investment division of Schroders plc. Schroders Capital Management (US) Inc. (‘Schroders Capital US’) is registered as an investment adviser with the US Securities and Exchange Commission (SEC).It provides asset management products and services to clients in the United States and Canada.For more information, visit

SIMNA, SFA and Schroders Capital are wholly owned subsidiaries of Schroders plc.