European cyber risk ‘rising’: Moody’s

The number of cyberattacks is rising in Europe and cybersecurity is becoming part of companies’ general business risk backdrop, Moody’s Investors Service has warned.

About 38% of those attacks are related to the conflict between Russia and Ukraine. 

However, attacks not related to the conflict are also on the up, with twice as many of those being recorded in the first nine months of 2022 than in all of 2021. (see image below)

So far, however, the rating agency has not taken a negative rating action in the Europe, Middle East and Africa (EMEA) region that was caused by a cyberattack because the financial consequences of the individual attack have not been sufficiently severe.

Public sector entities, including the education sector, are considered at greater risk of cyberattacks than private sector entities. Public sector entities are particularly vulnerable to distributed denial of service (DDoS) attacks, which are typically run against websites and usually cause little lasting damage.

Private sector entities, by contrast, are usually targeted with ransomware or data breach attacks, which can have more severe operational and financial consequences. 

In terms of sectors, the financial sector has the highest preparedness, with 100% of companies employing a dedicated cyber manager as opposed to a median of 91% in all sectors. This is also reflected in a higher cyber budget, with financial services companies spending 7% of their IT budget on cyber while the median of all sectors is at 5%.