Supports investors by seeking to identify companies with low or neglible expected relative exposure to cyber breaches within the next 12 months
NEW YORK (March 28, 2023) — ISS ESG, the sustainable investment arm of Institutional Shareholder Services Inc. (ISS), today announced the launch of the ISS ESG US Cyber Risk Index, which supports investors in identifying and tracking companies with low or negligible cyber-related risks based on the ISS ESG Cyber Risk Score, which signals the relative likelihood that an organization may suffer a material cybersecurity incident within the next 12 months, based on its external security posture.
The ISS ESG Cyber Risk Score, which underpins the new ISS ESG US Cyber Risk Index, is a differentiated offering in the market, seeking to provide a proactive approach to identifying and managing cyber risks. We regularly collect global risk indicators that reflect a company’s cyber security risk behaviors, incorporating elements indicative of organizational security posture on endpoints, software services, and infrastructure configuration. These are combined with historical data to inform our proprietary risk model that uses machine learning to identify patterns and signatures indicative of potential breach events. Our approach is focused on the effectiveness of cyber security behavior rather than on temporary conditions, seeking to take into account the ever-changing cyber threat landscape.
Potential ISS ESG US Cyber Risk Index constituents are drawn from the US large and mid-cap stock universe, and only issuers with a rating of low to negligible risk, i.e., within an ISS ESG Cyber Risk Score range of 650-850, are eligible. Further, ISS ESG screens are applied to remove prospective constituents with “Red” Norm Based Research flags, “Red” Controversial Weapons flags, and those with an overall ISS ESG Corporate Rating of D+ or less. The index is market cap weighted and rebalanced quarterly.
Hernando Cortina, Head of Index Strategy at ISS ESG, said: “The cost of corporate cyber breaches can run in the hundreds of millions of dollars per incident. For investors, the launch of ISS ESG’s US Cyber Risk Index provides an investable tool to screen for companies with low or negligible expected relative exposure to cyber breaches within the next 12 months.” Cortina added: “The new Cyber Risk Index is the latest example of ISS ESG’s innovative and differentiated index offerings, drawing on our evolving range of sustainability ratings and research, and high-quality data.”
Index methodologies are available on the ISS website and that of the Index Administrator, Solactive AG, an authorized benchmark administrator under European Benchmark Regulation (BMR). Index values may be obtained using the following identifier: ISSCYRUT.
To learn more about ISS ESG’s index offerings, please click here.
About ISS ESG
ISS ESG solutions enable investors to develop and integrate sustainable investing policies and practices, engage on sustainable investment issues, and monitor portfolio company practices through screening solutions. It also provides climate data, analytics, and advisory services to help financial market participants understand, measure, and act on climate-related risks across all asset classes. In addition, ESG solutions cover corporate and country ESG research and ratings enabling its clients to identify material social and environmental risks and opportunities. For more information, please visit us at: www.iss-esg.com
Executive Director, Communications, ISS