Cybersecurity Risk and ESG: Systemic Events Analysis

Posted on December 5, 2022

Liam Zerter
Liam Zerter
Quantitative Research Manager, Methodology & Product Architecture
Melissa Hudson
Melissa Hudson
Associate Director, Research Products

Black swans are unexpected events characterized by their extreme rarity, severe impact, and widespread insistence that they were obvious in hindsight.

The sudden changes caused by global crisis force companies to adapt and change how they do everyday business. With digitization becoming increasingly embedded in more aspects of companies’ operations, cybersecurity software is an essential infrastructure that needs to be developed alongside new processes. Essentially, it is complementary product to the activity of new and existing operations.

Recent and still persistent global crises, such as the COVID-19 pandemic or the Russian-Ukrainian war, can be seen as a catalyst for companies willing to restructure their everyday business processes.

The COVID-19 pandemic quickly created a demand for a new flexible way to work remotely, along with a higher demand for delivery services. As a result, the spending on identity management services and e-commerce platforms increased—according to the World Economic Forum—leading to an increased requirement for companies to monitor added access points for hackers as the IT landscape effectively expanded.

When looking at cybersecurity thematic funds, we found evidence of the increased need for monitoring cyberthreats. Based on this preliminary analysis, we created a cybersecurity model fund by combining four of the oldest cybersecurity thematic funds and comparing the performance against an IT benchmark. Then, we compared the performance during the Russian invasion of Ukraine, expecting a boosted demand for cybersecurity products to directly benefit cybersecurity companies' stock prices.

Within the first 15 days of the Russian-Ukrainian war—24 February to 11 March 2022—the cybersecurity fund increased by 5.1%, whereas the benchmark Technology exchanged-traded fund declined by -5.8%, a difference of 10.9%, as Exhibit 1 shows. 

This performance gap is strikingly similar to the COVID-19 pandemic rebound at the end of March 2020: a 15-day trading divergence greater than 10% has only occurred twice.

Exhibit 1: Price Action of Cybersecurity Funds - Russia-Ukrainian War Effect

Model Cybersecurity Fund consists of an equal weight investment in the Beta Shares Global Cybersecurity ETF, ETFMG Prime Cyber Security ETF, First Trust Nasdaq Cybersecurity ETF, and the L&G Cyber Security ETF.
Source: Morningstar Sustainalytics

From 8 February to 8 September 2022, our cybersecurity model fund is down only -13.9%, ahead of the sector benchmark, which is down -17.0%. This is a current outperformance of 3.1% against a benchmark that has consistently outperformed our cybersecurity model fund over the past five years. Following the Russian invasion of Ukraine, cyberwarfare is perceived as an imminent risk for the first time: A thought-provoking finding.

The Russian invasion scaled cyberthreats upward, pushing for increased security of vital infrastructure while underpinning the IT landscape expansion initiated by COVID-19.

Ultimately, some systemic events have the potential to compound on one another and exponentially increase environmental, social and governance (ESG) risk and financial cost. 

More and more, cyberthreats are perceived as a systemic ESG risk, as illustrated by both global systemic events, the COVID-19 pandemic, and the Russian invasion of Ukraine. As such, it is timely for companies to consider incorporating ESG countermeasures to mitigate the potential financial losses of cyberattacks.

For further insights, read our recently published paper The Impact of Cyberattacks on Stock Prices, where we highlight that companies with robust Data Privacy and Security policies are better prepared to mitigate financial losses. Furthermore, our blog Cybersecurity: A Growing ESG and Business Risk highlights the evolving trends and complexities of the cybersecurity landscape.


impact of cyberattacks on stock prices


Recent Content

10 for 2023

10 for 2023: Investing in Emerging Technologies

A fresh approach looking into technological innovation that has the potential to impact global sustainability and the way we live, work, and move.

scope 3 emissions shareholder voting

Investors Seek Meaningful Scope 3 Emissions Targets to Evaluate Climate Transition Plans

Climate concerns continued to dominate proxy voting in the 2022 proxy season. With more clarity on sectoral commitments required to achieve the global net zero goal, shareholders’ requests have become noticeably more specific. A larger number of resolutions asked companies to adopt and report on emissions reduction targets and transition plans that reference the latest forward-looking guidance.

Biodiversity COP15 Sustainalytics

Post-COP15 Outlook: Evolving Investor Responsibilities in Biodiversity

Awaiting COP15’s Global Biodiversity Framework negotiation outcomes, financial market participants could face new regulatory pressure sooner than expected to integrate biodiversity assessment into their investment, decision-making processes.

2023 Outlook ESG

In 2023, Expect Europe’s Asset Managers to Gain Ground on ESG Regulations, Morningstar Sustainalytics President Says