The global banking sector has by far the largest inherent exposure to cyber risks, according to a new report from Moody’s Investors Service.
In its report, the rating agency aims to evaluate the built-in cyber risk exposure of 35 sectors, based on their vulnerability to a cyber attack and its impact in terms of potential business disruption, data disclosure and reputational risks.
“The growing intersection of supply chains, connectivity and access to data is increasing the potential for significant cyberattacks, creating new risks for governments and businesses worldwide,” it says.
The report ranks four sectors as “high risk,” including banks, securities firms, market infrastructure and hospitals, “all of which rely heavily on technology for operations, content distribution or customer engagement.”
The four high-risk sectors represent a combined $11.7 trillion (all figures in U.S. dollars) in rated debt outstanding, with the banking sector accounting for the vast majority of that total at $11.3 trillion.
The medium-high risk sectors include technology (which ranks second with $2.2 trillion in outstanding debt), electric utilities, health insurance, retail, manufacturing and telecoms.
“These sectors rely on data and technology but have characteristics that can limit the impact of cyber events, such as customer stickiness or the ability to control pricing,” the report says.
“In our view, cyber risk is event risk and we see a rising tide,” it says. “Digitization continues to increase, supply chains are becoming more complex and attacker sophistication is improving.”