The SEC’s new cybersecurity disclosure rules, which took effect in December of last year, has resulted in a much sharper focus on the management of such risks...”
July 29, 2024
Statement in Connection with ISS Cyber Risk Score Model Enhancements
ISS ESG, the sustainable investment arm of ISS STOXX, today announced enhancements to its ISS Cyber Risk Score, which provides users with a forward-looking view of cyber incident risk based on an empirical assessment of an organization’s internet-exposed technology assets.
The new ISS Cyber Risk Score takes advantage of a richer collection of cyber incident exemplar data, improved signal collection techniques, and improvements in model features.
“The SEC’s new cybersecurity disclosure rules, which took effect in December of last year, has resulted in a much sharper focus on the management of such risks,” said Till Jung, Head of ESG Business at ISS STOXX. “Those rules focus on the disclosure of both cyber incidents and management oversight; but the attention they draw to the topic of cyber incident risk is prompting investors to dig a layer or two deeper. Investors are looking for independent, empirical evidence of sound cyber practices to stress-test what they are now beginning to glean from more robust company disclosures.”
Effective today, scores and other metrics based on the new ISS Cyber Risk Score model will appear in downstream systems for subscribing clients.
Statement in Connection with ISS Cyber Risk Score Model Enhancements
ISS ESG, the sustainable investment arm of ISS STOXX, today announced enhancements to its ISS Cyber Risk Score, which provides users with a forward-looking view of cyber incident risk based on an empirical assessment of an organization’s internet-exposed technology assets.
The new ISS Cyber Risk Score takes advantage of a richer collection of cyber incident exemplar data, improved signal collection techniques, and improvements in model features.
“The SEC’s new cybersecurity disclosure rules, which took effect in December of last year, has resulted in a much sharper focus on the management of such risks,” said Till Jung, Head of ESG Business at ISS STOXX. “Those rules focus on the disclosure of both cyber incidents and management oversight; but the attention they draw to the topic of cyber incident risk is prompting investors to dig a layer or two deeper. Investors are looking for independent, empirical evidence of sound cyber practices to stress-test what they are now beginning to glean from more robust company disclosures.”
Effective today, scores and other metrics based on the new ISS Cyber Risk Score model will appear in downstream systems for subscribing clients.
Corporates and Nature: Going Beyond Climate
Navigating California Senate Bills 261 and 253 and the Evolving Landscape of Climate Disclosure
Copper or Robber: Supply Risks and ESG Issues
The Intersection of Artificial Intelligence & ESG: A Spectrum of Risks and Opportunities