Share This Article
Sign up to stay
You’ve seen the headlines about ransomware and corporate shutdowns due to cyberattacks, and the unfortunate truth is that these threats are becoming more widespread.
Technology has spurred unprecedented economic growth for investors. However, we believe investors have a duty to push companies to follow best practices and be proactive in their security. It’s a good investment!
This is also true for keeping the supply chain secure. To maintain their own security, big companies need to push every vendor linked in their supply chain to practice good cybersecurity hygiene.
We think you should view cybersecurity as a priority risk category alongside factors like liquidity risks and environmental, social, and governance (ESG) risks. This is true whether you’re an institutional or individual investor. Here is why you should consider cybersecurity when evaluating potential investments or supply chain vendors.
1. Cyber threats are escalating
Most importantly, you should put a heightened focus on cybersecurity as a risk category because cyber threats have surged in the past decade and don’t appear to be slowing down. Cyberattacks are now sophisticated, frequent, devastating, and expensive. From ransomware attacks targeting critical infrastructure to data breaches exposing sensitive customer data, these threats have led to substantial financial losses. Security needs to be a significant concern for investors.
2. Cyberattacks cut into profits
A successful cyberattack will likely have severe financial repercussions. Not only will a data breach likely lead to hefty regulatory fines and legal liabilities, it can severely undercut a company’s reputation. This, in turn, can depress stock prices and turn off investor trust. Assume attackers will target your investments – you want these companies to be proactive.
3. Regulators are watching
Regulators worldwide are implementing stringent cybersecurity regulations to protect consumers and maintain market integrity. Non-compliance with these regulations can result in substantial penalties and legal consequences, even if the company is not headquartered in the country where the regulators have jurisdiction. Companies that adhere to cybersecurity regulations are better positioned to mitigate cyber risks, and wise investors know this.
4. Think about tomorrow’s risks
Cybersecurity is a race of escalation – while we’re working on solutions for today, the hackers and scammers are dedicated to finding cracks in our shield. You’re probably looking for long-term investments, so you want to make sure a company is thinking proactively about cyber risk management and sustainability. These will always be safer bets as we head deeper into the 21st Century.
5. The market is watching
How a company responds to a cyber incident will be closely watched by investors and will have an impact on its stock price. Even if a company is breached, if it acts transparently, quickly, and decisively, it can show that it has a plan and it can overcome adversity. This can shine positively on its public image…and market sentiment. Not only do savvy investors consider a company’s cybersecurity defenses, but they also evaluate its crisis management strategies.
No matter whether you’re evaluating a company as an investment or as a possible supply chain vendor, ask about its cybersecurity protocols and response plans. This doesn’t have to be a “my way or the highway” conversation, you can work with them to improve their cyber posture. Either way, being proactive about cyber is much less expensive than being caught flat-footed amid a security crisis.