Key Takeaways
- S&P Global Ratings continues to see an increasing number of attacks on U.S. public finance entities, to where cyber is now a daily part of risk management and operations for most issuers.
- Cyber risk has moved beyond a specialized aspect to a near-ubiquitous priority that is integral to risk-management frameworks, but adoption of baseline cyber-security standards and frameworks still varies across public finance entities.
- Evolving credit risks include the changing nature of threats, rising cyber-insurance costs, third-party vendor exposure, and regulatory uncertainty. We think issuers will need to adapt to maintain credit quality.
- USPF issuers that exhibit inadequate cyber-risk management and oversight that is ineffective in mitigating risk is incorporated into our credit rating analysis, and it could result in a negative rating action.
13 Dec, 2022