X
<

Cybersecurity and Municipal Bonds

PART:
1 2 3 4
Part 3
Cybersecurity and Municipal Bonds PART 3 OF 4

How Municipalities Can Prevent Cyber Attacks

Market Realist Partner Insight: What's this? Market Realist co-produces Partner Insights reports with prominent financial services thought leaders that our research organization deems relevant to our audience. Thought leaders’ views are clearly delineated from Market Realist analysis, though we provide a combined report for readers’ convenience. Market Realist may receive payment or other compensation from thought leaders. The opinions that thought leaders express in these reports are their own.

VanEck

Possible Drivers to Action

One possible driver to action could simply be alerting the public through their local media outlets just what havoc can be, and has been, wrought by cyberattacks. For example, at the National Health Service in the U.K. and the power company Prykarpattyaoblenergo in Ukraine. While the latter appears to have been a targeted attack, the former was simply about money. While both were malicious and extremely damaging, they could also be viewed simply as warning shots and indicative of what further might happen.

Another driver could lie with municipalities’ furthering their own commitments to high-quality and reliable public services. Terry Smith, CEO and founder of Smith’s Cyber Security Gradings, believes that with the tradition of first-class service to uphold, public sector (both state and local) cybersecurity professionals are willing to meet the challenge, but the critical physical infrastructure is weak.

I believe two other potentially effective approaches (if they were adopted) lie with the muni bond market itself. First, lenders should insist that bond issuers meet certain minimum standards of cybersecurity. These could be based on guidelines and standards set out by NIST and/or US-CERT. And their adherence to these standards will be monitored on a continuing basis.

A commitment to and the subsequent maintenance of, these standards would be incorporated in municipal bond offering documents; that is, a clause covering cybersecurity would become standard. Its absence would likely result in a yield penalty to the issuer similar to what occurs with bond insurance.

In the second instance, a commitment to and the recognition of standards by, credit rating agencies would have a direct bearing on an issuer’s ability to obtain a stronger rating for the bond: the tradability of the bond would likely improve as a result. Cybersecurity gradings do already exist in the private sector, but not yet in the muni space.

How Municipalities Can Prevent Cyber Attacks

Interested in MUB? Don't miss the next report.

Receive e-mail alerts for new research on MUB

Success! You are now receiving e-mail alerts for new research. A temporary password for your new Market Realist account has been sent to your e-mail address.

Success! has been added to your Ticker Alerts.

Success! has been added to your Ticker Alerts. Subscriptions can be managed in your user profile.

Market Realist

Municipalities (MUB)(XMPT) need to initially undertake a risk assessment so they can know what information assets they own and identify vulnerable areas.

Once they’ve determined this key information, municipalities can look at encrypting data. An important step that has worked for companies and could also work for municipalities is data encryption. Encrypted data can only be read by the person who knows the encryption key.

As the graph above shows, cyber attacks have hit businesses the most, followed by governments, from 2015 to 2016.

X

Please select a profession that best describes you: