Below is an excerpt from ISS-Corporate’s recently released article “Corporate Bolster Their Defenses Amid Growing Cyber Risk”. The full article is available on the ISS-Corporate online library.
Cyber risk management is a growing corporate governance priority, amidst a proliferation of cyber threats, headline-grabbing cyber incidents and an increasing focus from investors and regulators. Companies with strong cyber risk management and mitigation programs benefit by reassuring stakeholders that they are committed to safeguarding operations, reputation, and long-term viability.
ISS ESG collects corporate information on security related disclosures, many of which contribute to its Governance QualityScore Audit/Other Risks category ranking. In this blog post, we examine the current state of corporate cyber disclosures and how they have trended over the past three years, focusing on key datapoints that indicate strong cyber risk management practices including:
- Employee training programs
- Board briefings and their frequency
- Directors with information security expertise
- Supply-chain risk management
- Materiality assessment frameworks
By:
Ramy Ibrahim, Associate Director, Product Manager, ESG, Data Analytics & Financial Solutions, ISS-Corporate
Douglas Clare, Managing Director, Cyber Strategy, ISS-Corporate
Sandra Herrera Lopez, Vice President, Data Analytics Research, ISS-Corporate
