Cyber Risk and Credit-Worthiness
Moody's Investors Service recently indicated that it considers cyber risks as a factor in credit-worthiness.
Negative cyber-events including disruption of service or data theft that could affect an enterprises ability to pay back debts on time could result in the company being downgraded according to Moody's.
“We consider the risk of a widespread, material cyber event in a manner similar to the way we view major storms or natural disasters, in that the timing — and consequences — of a successful attack are uncertain,” Moody’s said in the report.
Moody's did reveal that they have not yet downgraded any company based on cybersecurity alone. Moody's is not alone in using cyber threats as an influence on credit-worthiness. Standard & Poor's also revealed recently that banks could be downgraded before a hack if they were confident the bank was ill-prepared to withstand a cyberattack.
Cyber threats are top of mind with those in the financial industry. The New York Stock Exchange recently released an extensive (355-page) cybersecurity book for public companies which outlines how to plan for and respond to hacks.