Back to Spotlight

Last month, we explored a McKinsey report that studied cyber maturity across industries. This month, we’ll take a look at a complementary element: different cyber risk exposures across industries and geographies. A recent study from London Business School uses an innovative methodology to study cyber risk exposure across industries and geographies.



Using recent advances in Natural Language Processing, the authors used artificial intelligence to analyse the quarterly earnings calls from more than 12,500 companies across 85 industries. Based on the frequency of mentions of specific keywords like “cybersecurity”, and “cyberattack”, the authors came to interesting conclusions:

  • The number of earning calls that mention cyber risk and related words is increasing
  • The sentiment of these discussions is becoming increasingly negative
  • The financial sector was not very exposed to cyber-risk before 2014, but since then has become the third-most cyber-risk exposed sector.

Interestingly, the cyber risk index of the study can seemingly predict future cyberattacks. If a firm has high cyber risk exposure based on the earnings call data, then it is significantly more likely to report a cyberattack within the next eight quarters.


Why does this matter for businesses?

  • The study shows that the threat from cyberattacks is constantly growing
  • It also contributes to our understanding of which industries and geographies are most exposed to cyber risk
  • Companies in high-exposure industries and geographies will have to pay additional attention to building resilience to cyberattacks

Overall, the research paper provides a wealth of insights – it’s definitely worth taking a look.  


You can view the full report here