ISS launches cyber risk index
Pardon the Interruption
This article is just an example of the content available to mallowstreet members.
On average over 150 pieces of new content are published from across the industry per month on mallowstreet. Members get access to the latest developments, industry views and a range of in-depth research.
All the content on mallowstreet is accredited for CPD by the PMI and is available to trustees for free.
ISS ESG, the sustainable investment arm of Institutional Shareholder Services, has launched the ISS ESG US Cyber Risk Index, which helps investors identify and track companies with low or negligible cyber-related risks.
The tool is based on the ISS ESG Cyber Risk Score, which indicates the relative likelihood that an organisation may suffer a material cybersecurity incident within the next 12 months, based on its external security status.
Hernando Cortina, head of index strategy at ISS ESG, said: “The cost of corporate cyber breaches can run in the hundreds of millions of dollars per incident.”
The company said it regularly collects global risk indicators about a company’s cyber security risk behaviours, incorporating elements indicative of organisational security posture on endpoints, software services, and infrastructure configuration.
These are then combined with historical data to inform the firm’s risk model, which uses machine learning to identify patterns and signatures showing potential breaches.
The firm said index constituents are drawn from the US large and mid-cap stock companies, and only issuers with a rating of low to negligible risk, within an ISS ESG Cyber Risk Score range of 650-850, are eligible.
How do you think the index can help you price cyber risk insurance?
