ISS ESG, the sustainable investment arm of Institutional Shareholder Services Inc. (ISS), has announced the launch of its US Cyber Risk Index, which supports investors by seeking to identify and track companies with low or negligible expected relative exposure to cyber breaches, based on the ISS ESG Cyber Risk Score, within the next 12 months.
According to the announcement, the ISS ESG Cyber Risk Score, which underpins the new ISS ESG US Cyber Risk Index, is a differentiated offering in the market, seeking to provide a proactive approach to identifying and managing cyber risks.
“We regularly collect global risk indicators that reflect a company’s cyber security risk behaviours, incorporating elements indicative of organisational security posture on endpoints, software services, and infrastructure configuration,” ISS ESG explained.
“These are combined with historical data to inform our proprietary risk model that uses machine learning to identify patterns and signatures indicative of potential breach events.”
The firm highlighted that ISS ESG’s approach is focused on the effectiveness of cyber security behaviour rather than on temporary conditions, seeking to take into account the ever-changing cyber threat landscape.
Drawn from the US large and mid-cap stock universe, potential ISS ESG US Cyber Risk Index constituents with a rating of low to negligible risk are eligible, for example those within an ISS ESG Cyber Risk Score range of 650-850.
Further, ISS ESG screens are applied to remove prospective constituents with “Red” Norm Based Research flags, “Red” Controversial Weapons flags, and those with an overall ISS ESG Corporate Rating of D+ or less. The index is market cap weighted and rebalanced quarterly.
Hernando Cortina, Head of Index Strategy at ISS ESG, commented: “The cost of corporate cyber breaches can run in the hundreds of millions of dollars per incident.
“For investors, the launch of ISS ESG’s US Cyber Risk Index provides an investable tool to screen for companies with low or negligible expected relative exposure to cyber breaches within the next 12 months.”
Cortina added: “The new Cyber Risk Index is the latest example of ISS ESG’s innovative and differentiated index offerings, drawing on our evolving range of sustainability ratings and research, and high-quality data.”