Skip to main content

Cybersecurity Risk and ESG: Systemic Events Analysis

Posted on December 5, 2022

Liam Zerter
Liam Zerter
Quantitative Research Manager, Methodology & Product Architecture
Melissa Hudson
Melissa Hudson
Associate Director, Research Products

Black swans are unexpected events characterized by their extreme rarity, severe impact, and widespread insistence that they were obvious in hindsight.

The sudden changes caused by global crisis force companies to adapt and change how they do everyday business. With digitization becoming increasingly embedded in more aspects of companies’ operations, cybersecurity software is an essential infrastructure that needs to be developed alongside new processes. Essentially, it is complementary product to the activity of new and existing operations.

Recent and still persistent global crises, such as the COVID-19 pandemic or the Russian-Ukrainian war, can be seen as a catalyst for companies willing to restructure their everyday business processes.

The COVID-19 pandemic quickly created a demand for a new flexible way to work remotely, along with a higher demand for delivery services. As a result, the spending on identity management services and e-commerce platforms increased—according to the World Economic Forum—leading to an increased requirement for companies to monitor added access points for hackers as the IT landscape effectively expanded.

When looking at cybersecurity thematic funds, we found evidence of the increased need for monitoring cyberthreats. Based on this preliminary analysis, we created a cybersecurity model fund by combining four of the oldest cybersecurity thematic funds and comparing the performance against an IT benchmark. Then, we compared the performance during the Russian invasion of Ukraine, expecting a boosted demand for cybersecurity products to directly benefit cybersecurity companies' stock prices.

Within the first 15 days of the Russian-Ukrainian war—24 February to 11 March 2022—the cybersecurity fund increased by 5.1%, whereas the benchmark Technology exchanged-traded fund declined by -5.8%, a difference of 10.9%, as Exhibit 1 shows. 

This performance gap is strikingly similar to the COVID-19 pandemic rebound at the end of March 2020: a 15-day trading divergence greater than 10% has only occurred twice.

Exhibit 1: Price Action of Cybersecurity Funds - Russia-Ukrainian War Effect

Model Cybersecurity Fund consists of an equal weight investment in the Beta Shares Global Cybersecurity ETF, ETFMG Prime Cyber Security ETF, First Trust Nasdaq Cybersecurity ETF, and the L&G Cyber Security ETF.
Source: Morningstar Sustainalytics

From 8 February to 8 September 2022, our cybersecurity model fund is down only -13.9%, ahead of the sector benchmark, which is down -17.0%. This is a current outperformance of 3.1% against a benchmark that has consistently outperformed our cybersecurity model fund over the past five years. Following the Russian invasion of Ukraine, cyberwarfare is perceived as an imminent risk for the first time: A thought-provoking finding.

The Russian invasion scaled cyberthreats upward, pushing for increased security of vital infrastructure while underpinning the IT landscape expansion initiated by COVID-19.

Ultimately, some systemic events have the potential to compound on one another and exponentially increase environmental, social and governance (ESG) risk and financial cost. 

More and more, cyberthreats are perceived as a systemic ESG risk, as illustrated by both global systemic events, the COVID-19 pandemic, and the Russian invasion of Ukraine. As such, it is timely for companies to consider incorporating ESG countermeasures to mitigate the potential financial losses of cyberattacks.

For further insights, read our recently published paper The Impact of Cyberattacks on Stock Prices, where we highlight that companies with robust Data Privacy and Security policies are better prepared to mitigate financial losses. Furthermore, our blog Cybersecurity: A Growing ESG and Business Risk highlights the evolving trends and complexities of the cybersecurity landscape.

 

impact of cyberattacks on stock prices

 


Recent Content

Reflections on COP29: A Participant’s Call to Action for the Financial Sector

Reflections on COP29: A Participant’s Call to Action for the Financial Sector

Sustainalytics' Tom Eveson reflects on the outcome from COP29 and the opportunity for the financial sector to lead as architects for a sustainable future.

Header Ron Bundy quarterly column

Taking a Forward Look on Climate Investing

83% of US-based issuers have some real estate at high physical risk in worst climate scenario, Morningstar Sustainalytics finds.

Biodiversity in the Balance Revisited | Sustainalytics

Biodiversity in the Balance: Revisiting Portfolio Risks

On the occasion of COP16, this article updates previous research from Morningstar Sustainalytics showing how investing in companies facing high levels of risk associated with biodiversity loss can have a material effect on long-term portfolio performance.

Green Buildings on the Rise | Morningstar Sustainalytcs

Green Buildings on the Rise: Why Building Products Matter

This article explains the role of building products companies in the global green building transition and why investors should consider them as part of their sustainable portfolios.