Skip to the content

How cyber risk has changed post Covid

09 September 2020

How cyber fraudsters are raising their game, why investors should care and what companies should do

By Emma Stevenson,

Equities Correspondent


It might not be surprising that cyber criminals have taken advantage of coronavirus and the rush to remote working. The age of cyber warfare was upon us even before the crisis.

New research suggests online fraudsters are boosting their attacks at an alarming pace, and it’s thought multimillion dollar ransoms could be at stake.

Interpol, the inter-governmental organisation which helps police in 194 member countries, has assessed cyber crime since the Covid-19 pandemic. It has reported that criminals have shifted their targets to big firms, governments and infrastructure.

Meanwhile PwC’s Threat Intelligence team found that by 20 May this year more than 150 organisations globally had their data published on leak sites. More than 60% occurred after 11 March when the World Health Organisation first declared the Covid outbreak to be a pandemic.

Garmin, the smart-watch maker, camera-maker Canon, and technology giant Intel are among recently-reported victims of hacking.

Andrew Howard, Global Head of Sustainable Investment at Schroders, says the crisis is “accelerating a shift in business models, which exacerbates the threats”.

He adds: “Our own analysis shows increased cyber attacks registered by US enforcement agencies, for example. Failure to manage that risk could prove fatal to companies in a world where regulations and fines for breaches are becoming punitive.

“As an active investor, we will continue to actively question those we believe are falling short of expectations.”

Our Sustainable Investment Analyst Ovidiu Patrascu explains in more detail.

Why should investors care about increased cyber attacks?

"Cyber is an increasingly critical source of business risk, especially for companies with important intangible assets such as brands, customer relationships or technology. The negative impact a data breach can have on a brand links straight to a company's competitiveness, future revenues and future cash flows.

"Data breaches often uncover poor governance practices and weak management. Changing people or policies is quick but re-establishing market and customer trust take much longer."

How does targeted company engagement help tackle cyber crime risks?

"In our view, investors should focus on understanding how well a company prepares for cyber events. The depth of its approach should give confidence that when (not if) a breach occurs, processes and resources are in place to minimise the impact.

"Building that understanding means going beyond a formulaic assessment of policies. We believe direct company engagements are the best way to gain insights. We have delved into the topic focusing on a few main areas – governance, expertise and technology. We have engaged with Chief Information Security Officers (CISO) or Data Protection Officers (DPOs) across sectors such as financial services, technology and telecoms."

What should companies be doing to minimise risks of cyber crime?

"It is critical that the company has a well-resourced and specialised cyber security team, managed by a CISO or DPO, preferably reporting to the CEO or the board. The security team should also leverage specialised external expertise on a regular basis to stay on top of new threats and security tools. Internally, the team should have direct ownership of specific technological tasks such as penetration testing, a simulated cyber attack.

"The board should have specific expertise to evaluate whether the company has the appropriate operational and managerial resources to mitigate cyber risk.

Earlier this summer Schroders’ sustainable investment team shared how sustainability will be fundamental to progress in the face of some “inescapable truths”. The fast-tracking of digital life is one of six key areas that point to a changing role of the corporate sector in society.

Important information

This communication is marketing material. The views and opinions contained herein are those of the named author(s) on this page, and may not necessarily represent views expressed or reflected in other Schroders communications, strategies or funds.

This document is intended to be for information purposes only and it is not intended as promotional material in any respect. The material is not intended as an offer or solicitation for the purchase or sale of any financial instrument. The material is not intended to provide, and should not be relied on for, accounting, legal or tax advice, or investment recommendations. Information herein is believed to be reliable but Schroder Investment Management Ltd (Schroders) does not warrant its completeness or accuracy.

The data has been sourced by Schroders and should be independently verified before further publication or use. No responsibility can be accepted for error of fact or opinion. This does not exclude or restrict any duty or liability that Schroders has to its customers under the Financial Services and Markets Act 2000 (as amended from time to time) or any other regulatory system. Reliance should not be placed on the views and information in the document when taking individual investment and/or strategic decisions.

Past Performance is not a guide to future performance. The value of investments and the income from them may go down as well as up and investors may not get back the amounts originally invested.  Exchange rate changes may cause the value of any overseas investments to rise or fall.

Any sectors, securities, regions or countries shown above are for illustrative purposes only and are not to be considered a recommendation to buy or sell.

The forecasts included should not be relied upon, are not guaranteed and are provided only as at the date of issue. Our forecasts are based on our own assumptions which may change. Forecasts and assumptions may be affected by external economic or other factors.

Issued by Schroder Unit Trusts Limited, 1 London Wall Place, London EC2Y 5AU. Registered Number 4191730 England. Authorised and regulated by the Financial Conduct Authority.

Editor's Picks

Loading...

Videos from BNY Mellon Investment Management

Loading...

Data provided by FE fundinfo. Care has been taken to ensure that the information is correct, but FE fundinfo neither warrants, represents nor guarantees the contents of information, nor does it accept any responsibility for errors, inaccuracies, omissions or any inconsistencies herein. Past performance does not predict future performance, it should not be the main or sole reason for making an investment decision. The value of investments and any income from them can fall as well as rise.