Press Releases

Solactive releases new index family tracking only companies with the highest cybersecurity ratings from BitSight

The topic of ESG has solidified itself as a household name in the financial industry. With a massive tilt towards social and environmental concerns, the market lacks dedicated G-benchmarks that, for example, take into account a company’s exposure to certain contemporary risks. With Solactive’s new Solactive BitSight Cyber Risk Indices, the German index provider reinterpreted the Governance factor by including in one index family only those companies that exhibit comparably good cyber risk management systems and strategies. Backtests reveal a sizable outperformance of the Solactive BitSight Cyber Risk Indices compared to its benchmarks, potentially adding some G-Force into investors’ portfolios.

The protection against cyber risks is essential for every organization that relies on information technology, and investors are increasingly concerned about cyber risks to their investments. The resilience towards cybersecurity risks is, by far, not standardized throughout the industry and bears large gaps between companies in all sectors. Yet, not all companies keep abreast, which goes to the disadvantage of investors as research shows an average share-prices fall of 7.27% in a two-week period after a company disclosed a data breach to the public[1]. Consequently, superior cybersecurity management is a necessary foundation to assure an invulnerable production and service offering and, potentially, according to BitSight, serves as an additional sustainability-factor alongside the current ESG nomenclature.

To identify the constituents for the Solactive BitSight Cyber Risk Indices, Solactive allied with BitSight, the market’s leading provider of objective Security Ratings. BitSight’s approach extends beyond the analysis of ordinary companies’ self-disclosure of their cybersecurity defense by continuously collecting externally observable security performance information and applying sophisticated algorithms to build a cohesive and reliable cybersecurity risk profile. For the Solactive BitSight Cyber Risk Indices, only the top 25% of companies according to BitSight’s ranking per sector, as defined by FactSet, will be included in the indices.

Stephen Harvey, Chief Executive Officer at BitSight, comments: “BitSight is powering a new era, where cyber risk is integrated into every market decision and strong, measurable cybersecurity performance is a market differentiator. This unprecedented research will not only affect investors’ views on cybersecurity, but also the way that C-suite and security professionals manage and measure cybersecurity performance inside of their organizations. For BitSight, this is another independent, statistical validation of our market-leading Security Ratings, further cementing the reason why the global marketplace — investors, insurers, governments, and businesses — trust and use the BitSight platform.”

The Solactive BitSight Cyber Risk Index family helps investors factor cyber risk into their investment decision-making, serving as a leading benchmark for only the best cyber-secure companies. The indices can serve as the underlying for index-linked products such as ETFs or structured products.

“Solactive’s approach has always been, and will always be, to identify quality data sources that enable us to provide our clients with a superior indexing strategy and experience. With BitSight, we found a data provider sharing with us the same approach towards the predominance of big data,” comments Timo Pfeiffer, Chief Markets Officer at Solactive. “The importance of effective cybersecurity management is a crucial factor in a company’s long-term success as it is an unquestionable minimum requirement in today’s interconnected economy. We’re very proud to release an index family with BitSight that reflects the utter importance for this still understated sustainability aspect.”

The first Solactive BitSight Cyber Risk Indices went live on the 6th of October.

[1] https://www.comparitech.com/blog/information-security/data-breach-share-price-analysis/#NASDAQ_benchmark_validation