As the potential for significant cyberattacks rises globally, the growing intersection of supply chains, connectivity and access to data is creating new vulnerabilities for governments and businesses.
“We view cyber risk as event risk that can have material impact on sectors and individual issuers,”
Moody’s Managing Director Derek Vadala
Banks, securities firms, financial market infrastructures and hospitals, all of which rely heavily on technology for operations, distribution of content or customer engagement are at high risk, says Moody’s Investors Service in a new report.
“Data disclosure and business disruption are the two primary types of cyber event risk that we view as having the potential for material impact on issuers’ financial profiles and business prospects.”
Moody’s Managing Director Derek Vadala
Four sectors with $11.7 trillion in rated debt outstanding have high risk exposure to cyber-attacks
To develop a framework for understanding inherent cyber risk at the sector level, Moody’s focuses on
1) vulnerability to the type of attack or event to which entities in a given sector are exposed, and
2) potential impact of cyber events via disruption of critical businesses processes or negative reputational effects that lead to a loss of revenue as a result of customer attrition, for example.
Moody’s report classifies high-risk, medium-high risk, medium-low risk and low-risk sectors and also quantifies total rated debt outstanding for each classification. In this report, Moody’s has classified 35 total sectors and over $70 trillion total debt outstanding.