As a 1-Star-rated company, GE’s below average cybersecurity is notable considering the critical role technology plays across all of its business lines and its explicit recognition of security in support of digital transformation. Though in the past GE was considered the benchmark for a well-managed company, its multi-year restructuring is a cautious tale of ‘financial overengineering’.
GE’s poor cyber governance has a multiplier effect. It also poses a significant supply chain risk as a provider of life-saving medical equipment, jet engines, and software that powers global energy infrastructure. GE’s poor financials will create a structural drag on its ability to mitigate cyber risks permeating throughout the supply chains of several industries.