• Register
Return to: Home > News > Big Four > Weak cybersecurity disclosure to increase investment risks: PwC US

Weak cybersecurity disclosure to increase investment risks: PwC US

By Steffen Müller

The US companies' disclosures of cyber risks rarely provide differentiated or actionable information, PwC US warned in a joint report issued in collaboration with the Investor Responsibility Research Center Institute (IRRCi).

The report, What investors need to know about cybersecurity: How to evaluate the investment, encourages investors to demand better and more actionable disclosure on the companies' cybersecurity policy across all industry sectors.

"The reality today is that virtually every company is reliant on information and technology, so not one company or sector is left out," IRRCi executive director Jon Lukomnik said.

According to the report, the topic of cybersecurity "has moved from the back office to the corporate board room," since poor cybersecurity can lead, amongst others, to lost revenue, compromised intellectual property or increases in costs.

However, the steps the boards take to address potential cyber risks tend to be hesitant and often lack disclosure and transparency for investors struggling to evaluate investment risk, the report read.

"Even when boards do act, investors often feel in the dark on cybersecurity," Lukomnik said and continued: "First, it's dynamic and highly technical. Second, companies can be reluctant to disclose details on threats because they are concerned about providing hackers with a roadmap to vulnerabilities."

PwC investor resource institute leader Kayla Gillan said that the investors should "begin to navigate critical cybersecurity issues, with a focus on sector-specific portfolio risk." The report suggests therefore that investors should question if there is a strong expertise in cybersecurity on the senior level of the company and if the company has response plans for cyber incidents.

According to the joint report, cyber-attacks affecting industry sectors happen for different reasons. While the financial services and the retail sectors become victim mostly out of financial gain and greed, attacks on the energy, the aerospace & defence and the government sector are often political motivated.

Related links:

PwC US

Report: What investors need to know about cybersecurity: How to evaluate the investment?

 

Top Content

    Brazil: regulation and technology form basis for recovery

    Opportunities in the capital markets and the ever-growing influence of technology are expected to have a significant impact on the Brazilian accounting profession over the next 12 months, writes Paul Golden.

    read more

    Mentoring support and the opportunity to delegate

    Jon Lisby will be known to many from his former role as CEO of Kreston International. Here, he explains the background to his new venture, Global Alliance Advisory Services (GAAS), and how he aims to offer support to alliance CEOs.

    read more

    Global by name, global by nature

    Stephen Heathcote became chief executive officer of PrimeGlobal on 1 June 2019. Robin Amlôt met him to discuss the various new challenges that he has taken on, and his ambitions for the association.

    read more

    ARGA team, assemble!

    The new top team has been named that will see in root-and-branch reform at the Financial Reporting Council (FRC) as it transforms into the Audit, Reporting and Governance Authority (ARGA). Will the new duo be as dynamic as some are hoping? Robin Amlôt reports.

    read more
Privacy Policy

We have updated our privacy policy. In the latest update it explains what cookies are and how we use them on our site. To learn more about cookies and their benefits, please view our privacy policy. Please be aware that parts of this site will not function correctly if you disable cookies. By continuing to use this site, you consent to our use of cookies in accordance with our privacy policy unless you have disabled them.