Cybersecurity risks a growing ESG concern

‘Cybersecurity solutions are going to be key to help us protect ourselves’

|

ESG Clarity

The pandemic has brought cybersecurity risks to the forefront of the minds of ESG investors and clients alike.

This week, a new Architas ESG report found data protection and cybersecurity to be the second most pressing ESG issue for retail clients in eight out of 11 markets it surveyed. The most important factor was honest and transparent accounting.

Furthermore, last year, many industry commentators forecast cybersecurity to be a growing theme for governments and firms to take note of.

For example, Patrick Thomas, head of ESG investing and investment director at Canaccord Genuity Wealth Management and an ESG Clarity editorial panellist said: “With increased home working comes increasing online threats. Organisations have a duty of care to lock down their systems and make them as secure as possible. Cyber criminals are looking for new opportunities to exploit this ‘new norm’ and cybersecurity solutions are going to be key to help us protect ourselves.”

In the wake of events such as the shutdown of the Colonial Pipeline from a ransomware attack in May, “energy infrastructure needs to become more cyber resilient,” an S&P Global Ratings report said, and managers should be diligent in checking the data security procedures of their investments, as well as, if applicable, looking for new cybersecurity solutions.

Solutions

Specific funds already exist, such as the Rize Cybersecurity and Data Privacy UCITS ETF launched last year, and L&G’s Cyber Security ETF, iShares’ Cybersecurity and Tech ETF and Pictet, which has an active fund focused on cyber security.

Regulators are also starting to act. An FOI request revealed the Financial Conduct Authority sent 4,430 employees on compulsory cyber and information security courses over the past two financial years in order to help combat the growing threat of financial crime.  

Encompass Corporation CEO Wayne Johnson said: “Investing in the latest cyber skills training is essential, especially for an organisation tasked with investigating financial crime, money laundering and upholding regulatory standards.”