The SEC’s new cybersecurity disclosure rules, which took effect in December of last year, has resulted in a much sharper focus on the management of such risks...”
July 29, 2024
Statement in Connection with ISS Cyber Risk Score Model Enhancements
ISS ESG, the sustainable investment arm of ISS STOXX, today announced enhancements to its ISS Cyber Risk Score, which provides users with a forward-looking view of cyber incident risk based on an empirical assessment of an organization’s internet-exposed technology assets.
The new ISS Cyber Risk Score takes advantage of a richer collection of cyber incident exemplar data, improved signal collection techniques, and improvements in model features.
“The SEC’s new cybersecurity disclosure rules, which took effect in December of last year, has resulted in a much sharper focus on the management of such risks,” said Till Jung, Head of ESG Business at ISS STOXX. “Those rules focus on the disclosure of both cyber incidents and management oversight; but the attention they draw to the topic of cyber incident risk is prompting investors to dig a layer or two deeper. Investors are looking for independent, empirical evidence of sound cyber practices to stress-test what they are now beginning to glean from more robust company disclosures.”
Effective today, scores and other metrics based on the new ISS Cyber Risk Score model will appear in downstream systems for subscribing clients.
Statement in Connection with ISS Cyber Risk Score Model Enhancements
ISS ESG, the sustainable investment arm of ISS STOXX, today announced enhancements to its ISS Cyber Risk Score, which provides users with a forward-looking view of cyber incident risk based on an empirical assessment of an organization’s internet-exposed technology assets.
The new ISS Cyber Risk Score takes advantage of a richer collection of cyber incident exemplar data, improved signal collection techniques, and improvements in model features.
“The SEC’s new cybersecurity disclosure rules, which took effect in December of last year, has resulted in a much sharper focus on the management of such risks,” said Till Jung, Head of ESG Business at ISS STOXX. “Those rules focus on the disclosure of both cyber incidents and management oversight; but the attention they draw to the topic of cyber incident risk is prompting investors to dig a layer or two deeper. Investors are looking for independent, empirical evidence of sound cyber practices to stress-test what they are now beginning to glean from more robust company disclosures.”
Effective today, scores and other metrics based on the new ISS Cyber Risk Score model will appear in downstream systems for subscribing clients.
IA to Review UK Remuneration Principles to Reflect Ongoing Executive Pay Debate
SEC Brazil Dam Lawsuit Puts ESG Disclosures in Focus
BrightScope/ICI Data Find Employer Contributions Are Prevalent in 401(k) Plans
Shareholder Resolutions in Review: Labor Issues