Companies in the telecom, media, and technology sectors excel in cybersecurity, according to Moody's rating.
In the face of a rapidly evolving cyber threat landscape, telecommunications, media, and technology (TMT) companies have developed more advanced cybersecurity defenses and governance models compared to other sectors worldwide. This is according to a report by Moody's, which is based on research and a survey of over 1,700 respondents.
The critical nature of TMT infrastructure in enabling data flow and communication globally makes these companies prime targets for advanced cyberattacks. These attacks can range from ransomware and DDoS attacks to AI-powered and state-sponsored attacks. The sector’s reliance on complex, global supply chains involving hardware components exposes vulnerabilities that necessitate robust governance and security practices to maintain resilience in the face of geopolitical and trade disruptions.
TMT companies' environments include multiple adjacent devices, networks, cloud services, and third-party vendors, creating a large attack surface that requires continuous cybersecurity vigilance and adaptation to new technologies such as 5G, IoT, AI, and quantum computing. These factors compel TMT companies to develop sophisticated cybersecurity governance models that include empowered Security Operations Centers (SOCs), incident response teams authorized to act swiftly, and strategic containment plans to mitigate damage from breaches.
One area where TMT companies stand out is at the board level. One in 4 TMT companies have cybersecurity expertise at the board level, which is four times more than the global average. This high-level focus on cybersecurity is reflected in the sector's increased cybersecurity spending. Over the past five years, cybersecurity spending in TMT companies nearly doubled, accounting for 10% of their technology budgets in 2023.
Moreover, TMT issuers are more likely to require vendors to report cybersecurity incidents and carry standalone cyber insurance. Vendor risk management in the TMT sector is more robust than average, with a higher proportion of TMT issuers requiring both new and current vendors to undergo a cybersecurity risk assessment. Technology companies doubled their cybersecurity spending over the last five years, while telecom businesses increased spending by more than 250%.
However, the report does not specify which specific TMT companies were surveyed for the research or regarding vendor risk management practices. It also does not provide specific details about the nature or frequency of cyberattacks on TMT companies.
Despite these advancements, TMT companies continue to face significant cybersecurity challenges. For instance, T-Mobile has experienced at least 8 data breaches since 2018, with the August 2021 attack exposing personal data on 76.6 million people. These breaches highlight the need for continued vigilance and investment in cybersecurity defenses.
In conclusion, the critical importance of their role in global communications and digital services, the complexity of their interconnected technologies and supply chains, and the high sophistication of cyber threats they face all contribute to TMT companies having more advanced cybersecurity defenses and governance models compared to other sectors worldwide. The increased cybersecurity spending in TMT companies is due in part to the medium-high cyber risk exposure confronting the sector.
- The advanced cybersecurity defenses and governance models of TMT companies are a response to their high exposure to cyber risks, a result of their critical role in global communications and digital services.
- T-Mobile, a TMT company, has experienced multiple data breaches, underscoring the need for continuous vigilance and investment in cybersecurity defenses against cyberattacks, including those using AI and state-sponsored technologies.
- To maintain resilience in the face of cyber threats, TMT companies are implementing robust cybersecurity practices, such as empowered Security Operations Centers, incident response teams, and strategic containment plans, and are increasing their spending on cybersecurity, especially in the areas of 5G, IoT, AI, and quantum computing.
