IHS Markit has announced that Research Signals, its quantitative equity research product, has enhanced its factor-based investment analyses with 35 cybersecurity risk factors on more than 3,000 public companies. The cybersecurity risk factors are based on security ratings from BitSight, a provider of actionable risk intelligence, and deliver investment risk indicators for institutional investors.
“Cybersecurity weakness is an important risk that investors need to monitor, and cases such as Equifax underscore the consequences of data breaches on stock prices,” said Chris Hammond, executive director, Research Signals at IHS Markit. “BitSight Security Ratings provide a quantitative measure of a specific company’s cybersecurity risk, which fits well into quant models and risk models. It’s an example of how alternative data can help investors make better decisions and monitor risks in their portfolio that they were unable to capture in the past.”
Data breaches and cyber incidents can damage a company’s reputation and share price; one recent study found that share prices fall by an average of 5 percent after the disclosure of a data breach. For portfolio managers, having daily insight on cybersecurity risk can enable more informed investment decisions.
“Cyber-attacks can result in significant financial impact to the bottom line, but many investors remain in the dark about the security performance of their portfolio companies,” said Jacob Olcott, VP of Strategic Partnerships at BitSight. “BitSight Security Ratings provide investors critical cybersecurity information that helps them make better investment decisions. We are glad to work with IHS Markit on this groundbreaking offering for the investor community.”
The BitSight Security Rating Platform generates objective, quantitative measurements on a company’s security performance to produce daily security ratings ranging from 250 to 900. BitSight analyzes security events including malware, vulnerabilities, user behaviors, and more and applies sophisticated algorithms to produce these ratings, which are derived using externally observable, non-intrusive methods.
“The digitalization of data has created opportunities for cybercriminals, and as markets become more automated, there are more channels for data breaches,” said Virginie O’Shea, research director at Aite Group. “Across sectors, companies are taking action to reduce cybercrime, but they must continue to be aware of any risk that can emerge along with innovation.”