Moody’s to Include Cyber Risk in Credit Ratings

Cyber Risk

The American business and financial services company Moody’s will start factoring risk of getting hacked into their credit ratings for companies. The move is seen as part of a wider initiative to gauge the risk of cyberattacks and data breaches to companies and their investors.

“We’ve been in the risk management business for a very long time. This is to enhance our thinking about credit as cyber becomes more and more important,” said Derek Valda, head of Moody’s Investors Services Cyber Risk Group.

The cyber risk for a company will be considered as part of a company’s existing credit rating with an eye toward designating a completely separate cyber risk rating.

Other factors thought to be calculated into the overall risk include the type of company (many industries are more frequently subject to cyberattacks), and the long term impact of a breach on a company’s bottom line.

“There are very specific scenarios that could apply to different companies in different sectors. An organization, for instance, that is involved in manufacturing has a much higher exposure to ransomware than another sector,” Vadala said.

Read more about the story here.