Skip to main content

Cybersecurity Risk and ESG: Systemic Events Analysis

Posted on December 5, 2022

Liam Zerter
Liam Zerter
Quantitative Research Manager, Methodology & Product Architecture
Melissa Hudson
Melissa Hudson
Associate Director, Research Products

Black swans are unexpected events characterized by their extreme rarity, severe impact, and widespread insistence that they were obvious in hindsight.

The sudden changes caused by global crisis force companies to adapt and change how they do everyday business. With digitization becoming increasingly embedded in more aspects of companies’ operations, cybersecurity software is an essential infrastructure that needs to be developed alongside new processes. Essentially, it is complementary product to the activity of new and existing operations.

Recent and still persistent global crises, such as the COVID-19 pandemic or the Russian-Ukrainian war, can be seen as a catalyst for companies willing to restructure their everyday business processes.

The COVID-19 pandemic quickly created a demand for a new flexible way to work remotely, along with a higher demand for delivery services. As a result, the spending on identity management services and e-commerce platforms increased—according to the World Economic Forum—leading to an increased requirement for companies to monitor added access points for hackers as the IT landscape effectively expanded.

When looking at cybersecurity thematic funds, we found evidence of the increased need for monitoring cyberthreats. Based on this preliminary analysis, we created a cybersecurity model fund by combining four of the oldest cybersecurity thematic funds and comparing the performance against an IT benchmark. Then, we compared the performance during the Russian invasion of Ukraine, expecting a boosted demand for cybersecurity products to directly benefit cybersecurity companies' stock prices.

Within the first 15 days of the Russian-Ukrainian war—24 February to 11 March 2022—the cybersecurity fund increased by 5.1%, whereas the benchmark Technology exchanged-traded fund declined by -5.8%, a difference of 10.9%, as Exhibit 1 shows. 

This performance gap is strikingly similar to the COVID-19 pandemic rebound at the end of March 2020: a 15-day trading divergence greater than 10% has only occurred twice.

Exhibit 1: Price Action of Cybersecurity Funds - Russia-Ukrainian War Effect

Model Cybersecurity Fund consists of an equal weight investment in the Beta Shares Global Cybersecurity ETF, ETFMG Prime Cyber Security ETF, First Trust Nasdaq Cybersecurity ETF, and the L&G Cyber Security ETF.
Source: Morningstar Sustainalytics

From 8 February to 8 September 2022, our cybersecurity model fund is down only -13.9%, ahead of the sector benchmark, which is down -17.0%. This is a current outperformance of 3.1% against a benchmark that has consistently outperformed our cybersecurity model fund over the past five years. Following the Russian invasion of Ukraine, cyberwarfare is perceived as an imminent risk for the first time: A thought-provoking finding.

The Russian invasion scaled cyberthreats upward, pushing for increased security of vital infrastructure while underpinning the IT landscape expansion initiated by COVID-19.

Ultimately, some systemic events have the potential to compound on one another and exponentially increase environmental, social and governance (ESG) risk and financial cost. 

More and more, cyberthreats are perceived as a systemic ESG risk, as illustrated by both global systemic events, the COVID-19 pandemic, and the Russian invasion of Ukraine. As such, it is timely for companies to consider incorporating ESG countermeasures to mitigate the potential financial losses of cyberattacks.

For further insights, read our recently published paper The Impact of Cyberattacks on Stock Prices, where we highlight that companies with robust Data Privacy and Security policies are better prepared to mitigate financial losses. Furthermore, our blog Cybersecurity: A Growing ESG and Business Risk highlights the evolving trends and complexities of the cybersecurity landscape.


impact of cyberattacks on stock prices


Recent Content

Map showing Saudi Arabia and Turkey with pins

On Location: ESG Engagement in Turkey and Saudi Arabia

Our Stewardship Team shares insights from a recent company engagement trip. Learn about the ESG-related progress being made by companies in Turkey and Saudi Arabia.

The Corporate Sustainability Due Diligence Directive: A Step Towards Stronger Human Rights and Environmental Practice

In this overview, discover the key elements of the Corporate Sustainability Due Diligence Directive and what this EU regulation means for addressing social and environmental issues supply chains.

The Stockholm Stewardship Roundtable: A Practitioner’s Notes on Managing Investor Engagement Today

As concerns about greenwashing grow, investors focus on ensuring their portfolio companies uphold sustainability pledges and generate long-term value. Active ownership through strategic engagement is pivotal in driving sustainable practices.

Cityscape Zurich Switzerland

The Swiss Stewardship Code: 4 Insights for Engagement Managers Globally

The Swiss Stewardship Code offers insights for investors everywhere on how they should engage with their portfolio companies. Read on to discover key considerations for this increasingly popular investment approach.