A missing piece of the cyber picture: Economic incentives to be good at it


In the lead-up to its Annual Meeting a World Economic Forum (WEF) note outlines in some detail the steps that boards and C-suites should take to better tackle cybersecurity risk—a top-five risk in its 2020 Global Risks Report. The report poses the question, beyond the rising damage caused by cyber breaches, what incentives for investment and improved approaches exist? Though an increasing number of market players such as insurers and ratings firms are getting in the fray, “coherence, however, is still missing,” according to WEF.

In WEF’s view, “Trusted and verified cybersecurity ratings are needed to improve assessment and comparability across peers. This not only helps to evaluate organizations’ resilience, but could increasingly guide consumer, citizen, and investor decisions.”



For five years running, WEF’s Global Risks Report has listed cyber in the top five of all global risks. It rightly defines cyber as a systemic risk and issues a call to action for boards and C-suites that are fundamental to improving cyber governance. As attention from market participants grows alongside the economic losses, the absence of ‘trusted and verified cyber ratings that improve assessment and enable peer comps’ has held back our ability to tackle cyber with both market solutions and policy/regulation (where Europe continues to lead the way).

In our view, history tells us that corporate behavior will change and governance will improve, including on privacy issues, when we find the right mix of regulation and economic solutions. The right policies and market incentives for good cyber governance can help more companies stem the losses and better manage the downsides of digital transformation. Trusted and verified ratings are an important part of the solution.

We use cookies to make our website more user-friendly and effective

The Cyberhedge Indices Cookie Policy

What are the Cyberhedge Cyber Governance Indices?

These first ever benchmarks prove good cyber governance matters to shareholder value. They measure stock market performance of companies with good and with bad cyber governance scores. Scores are based on Cyberhedge’s proprietary cyber governance rating methodology. Market performance is tracked by an independent firm. The results show that companies with good cyber governance outperform their peers in US, UK, and EU markets.

Information that we collect

Here you can see and customize the information that we collect about you. To learn more, please read our privacy policy

Continue on website