Cyber Markets Roundup (Wk. 16, April '23): Creating a culture where cybersecurity risks are a priority

Ian L. Paterson

Fixer for CISOs | Securing Critical Infrastructure to Preserve Democracy 🔐 | CEO @ Plurilock TSXV:PLUR

Published Apr 19, 2023

+ Follow

No alt text provided for this image — *Stock data as of the market close, cryptocurrency data as of 4:00 AM ET.

WHAT’S NEW

8 Themes Driving The Future Of Cybersecurity In 2023

Eight overarching themes of cybersecurity this 2023, as presented on Momentum Cyber's 2023 Cybersecurity Almanac:

Cloud Security
Resilience & recovery
Smarter Security
Security of Things
Perimeterless World
Data Security
Shift-Left
Layer 8 – The Human Factor [Team8.VC]

Why private equity cybersecurity is urgent now

How to manage private equity cybersecurity strategy throughout the transaction lifecycle

Cybersecurity is relevant for private equity in four distinct phases of the ownership lifecycle:

Recommended by LinkedIn

Daily Update: A Cyber Strategy is Table Stakes

S&P Global 2 years ago

Risk Prep: How to Secure Your Business Data

Forbes Business Council 6 months ago

Threatonomics Newsletter: February in Review

Resilience 9 months ago

Due diligence: The increasingly short period when the fund considers acquiring a potential portfolio company
Announcement and onboarding: A period of heightened cyber risk and an opportunity for private equity to establish the tone and nature of its relationship with the portfolio company’s management and security team
Value creation: Typically, a three- to five-year period in which cyber risk can be systematically reduced
Exit: When a clean breach record and enhanced cybersecurity can be an attractive selling point or when inadequate cybersecurity can turn into a pain point in the sale and be a source of value erosion [EY]

Creating a technology risk and cyber risk appetite framework

When it comes to technology risk and cyber risk, financial institutions are increasingly shifting toward a risk-based approach to determine their priorities for controls. Those controls should be based on their current security capabilities, the likelihood of threats, and the impact of any potential cyber breach. However, the question remains: can organizations really make strategic, objective decisions about which controls they should and should not implement, given their appetite for technology risk and cyber risk? [McKinsey]

Rising cost of cyber attacks sends insurance policy charges soaring

Premiums for cyber insurance have soared over the past few years. According to Sarah Stephens, head of international cyber insurance at broker Marsh, prices started rising in late 2019.

Marsh’s market index shows that the cost of cyber insurance in the US was rising at a rate of more than 100 per cent year-on-year by the end of 2021, although that had moderated to 79 per cent in the second quarter of this year and 48 per cent in the third. [The Financial Times]

If you enjoyed this edition of the Cyber Markets Roundup, we are inviting you to connect with us on Susbtack for free and let us build a community of like-minded individuals who are interested in cybersecurity, stocks, and financial markets.