On Tuesday, S&P lowered its rating for Macy’s from BBB- to BB+—one notch below investment grade—saying it viewed the company’s turnaround plan as necessary, but also a sign that the department-store chain’s “competitive advantage has diminished more than we expected.”
S&P sees considerable execution risks as the company attempts to improve its position in a challenging brick-and-mortar retail sector. Profitability under the turnaround plan is weaker than its prior expectation.
According to Cyberhedge analysis, Macy’s, a traditional retailer fighting to stay relevant in an online shopping world, is under enormous competitive pressure to correctly execute its digital transformation plans—key to boosting sales and expanding margins. So far, likely due to financial constraints outlined in S&P’s downgrade decision, the company has consistently chosen to underinvest in adequate cybersecurity, resulting in poor performance on cyber governance (two embarrassing breach events in 2018 and 2019).
Companies that are poorly rated on cyber governance are at greater risk of credit downgrades. in December 2019, Cyberhedge issued a Cyber Governance Alert on Macy’s, which was rated one out of five stars on cyber financial metrics, because data showed the company had little margin for error in executing its digital strategy and allocating the capital necessary to effectively manage the downside risks of this transformation to compete with online retail giants.