S&P Global Credit adds cybersecurity to list of risk factors for evaluating credit scores and will use NIST standards for the evaluation process.
As cyberattacks and data breaches grow bigger and more frequent, companies that don’t build strong cybersecurity defenses may feel a direct financial hit even before hackers show up. In a report published March 30, S&P Global Ratings warned that “…companies that do not incorporate cyber risk mitigation strategies into their corporate governance and risk management frameworks could face ratings pressure, even before an attack.”
S&P Global Ratings cited Check Point Research that showed average weekly cyberattacks per organization went up 53% in 2021 as compared to 2020, with even worse numbers for data-rich sectors. The agency noted that most companies that have endured a cyberattack have been able to manage the impact without harming credit ratings. At the same time, “negative…
