6/20/2017

COMMERCE/CYBERWAR: “More than two dozen U.S. companies, including several big banks, have teamed up to establish shared principles that would allow them to better understand their cyber security ratings and to challenge them if necessary, the U.S. Chamber of Commerce said on Tuesday [6-20-17]. Large corporations often use the ratings, the cyber equivalent of a FICO credit score, to assess how prepared the companies they work with are to withstand cyber attacks. Insurers also look at the ratings when they make underwriting decisions on cyber liability.
The group includes big banks like JPMorgan Chase & Co (JPM.N), Goldman Sachs Group Inc (GS.N) and Morgan Stanley (MS.N), as well as non-financial companies like coffee retailer Starbucks Corp (SBUX.O), health insurer Aetna Inc (AET.N) and home improvement chain Home Depot Inc (HD.N). They are organizing the effort through the Chamber of Commerce, a broad trade group for corporate America.
The move comes in response to the emergence of such startups as BitSight Technologies, RiskRecon and SecurityScorecard that collect and analyze large swaths of data to rate companies on cyber security.
As these startups have gained prominence and venture capital funding, the companies they rate have complained of a lack of transparency.”

-Anna Irrera and Olivia Oran, “U.S. banks, corporations establish principles for cyber risk ratings firms,” Reuters, June 20, 2017 10:25am