Cybersecurity: sectors and regions most at risk
Cyber attacks are among the greatest dangers faced by companies, but traditional company analysis often ignores this risk. Schroders’ unique cyber-risk scorecard assesses the preparedness of over 6,000 global companies
Authors
The number of weekly cyber attacks on business is rising at 50% per year and the cost of each breach is mounting. Cybersecurity is now cited as the greatest concern for global businesses, coming ahead of other forms of business interruption and natural disaster.*
Yet cyber risk typically sits outside traditional fundamental company analysis. One explanation is the notorious difficulty of assessing the protections in place, including the ability to respond if a data breach occurs.
- See the full report Understanding cybersecurity risks for more detailed analysis, including an example scorecard and case studies of companies having suffered recent breaches.
Assessing company exposure to cybersecurity risk at scale: the scorecard
Close engagement with CEOs and CISOs may be the best way to understand a company’s defences, but this is challenging to deploy at scale. To assess this, Schroders has developed a proprietary scorecard which uses 19 cybersecurity metrics giving an objective external snapshot of companies’ practices and preparedness.
It takes into account each company’s exposure to cyber threats based on geographic region and business activity and combines this with a measure of the company’s cybersecurity risk management processes. It also gauges whether the company’s threat level is improving, deteriorating, or stable.
The scorecard allows companies to be assessed against peers by sector, region and size.
It can act as an initial indicator of companies’ performance, highlighting areas where further targeted research might be needed.
Schroders’ cybersecurity scorecard: top-level results
At headline level, Developed Europe comes out top. While highly exposed to risk, companies in this region were likely to have the strongest cyber management practices in place. By contrast companies in the Developed Pacific region were likely to have poorer processes and a lower score for future risk. On a sector basis, utilities fair best while industrials are most exposed.
Why is cybersecurity a sustainability issue?
Cyber risk has the potential to be one of the most immediate and costly risks faced by organisations today. Businesses that fail to manage the risk may be less resilient and less sustainable.
Beyond financial risk, cybersecurity is also a social issue, as cyber breaches represent a threat to the individuals who personal data is often the key target.
See the full report Understanding cybersecurity risks for more detailed analysis, including an example scorecard and case studies of companies having suffered recent breaches.
*SOURCE: CheckPoint; Allianz Risk Barometer 2022
Authors
Topics