Cyberattacks on the private sector are an increasingly important risk in corporate credit analysis, US ratings agency Moody’s Investors Service said.
The threat of computer hacking varies from sector to sector and remains hard to measure because intrusions often go undetected or are not publicly disclosed, Moody’s said.
Likening cyberattacks to natural disasters, the agency said the two pose similar challenges in anticipating the duration or severity of problems in calculating ratings impact.
“We do not explicitly incorporate the risk of cyberattacks into our credit analysis as a principal ratings driver,” the report said. “But across all sectors, our fundamental credit analysis incorporates numerous stress-testing scenarios, and a cyber event, like other event risks, could be the trigger for those stress scenarios.”
Moody’s said cyber defense, detection, prevention and response will be a higher priority in credit assessments.