Cybersecurity has become a staple item within the Risk Factors section for the vast majority of public companies. In 2015, over 88% of Russell 3000 companies disclosed cybersecurity as a risk. In addition, over two percent of companies that disclosed cybersecurity as a risk also disclosed that they had suffered an actual cybersecurity incident.
While just about all public companies face some cyber risks, those risks can be quite different from one industry to the next. Some industries face very specific threats, and these industries often have higher than average risk factor disclosure rates. This article focuses on industry-specific disclosure rates of cybersecurity risk factors for a select group of industries.