“Cyber security weakness is an important risk that investors need to monitor, and cases such as Equifax underscore the consequences of data breaches on stock prices,” said Chris Hammond, executive director, Research Signals at IHS Markit. “Bitsight Security Ratings provide a quantitative measure of a specific company’s cyber security risk, which fits well into quant models and risk models. It’s an example of how alternative data can help investors make better decisions and monitor risks in their portfolio that they were unable to capture in the past.”

Data breaches and cyber incidents can damage a company’s reputation and share price; one recent study found that share prices fall by an average of 5 percent after the disclosure of a data breach. For portfolio managers, having daily insight on cyber security risk can enable more informed investment decisions.

"Cyber-attacks can result in significant financial impact to the bottom line, but many investors remain in the dark about the security performance of their portfolio companies," said Jacob Olcott, VP of Strategic Partnerships at Bitsight. "Bitsight Security Ratings provide investors critical cyber security information that helps them make better investment decisions. We are glad to work with IHS Markit on this groundbreaking offering for the investor community."

The Bitsight Security Rating Platform generates objective, quantitative measurements on a company’s security performance to produce daily security ratings ranging from 250 to 900. Bitsight analyses security events including malware, vulnerabilities, user behaviours, and more and applies sophisticated algorithms to produce these ratings, which are derived using externally observable, non-intrusive methods.

“The digitalisation of data has created opportunities for cyber criminals, and as markets become more automated, there are more channels for data breaches,” said Virginie O’Shea, research director at Aite Group. “Across sectors, companies are taking action to reduce cyber crime, but they must continue to be aware of any risk that can emerge along with innovation.”