Cyber events and stock market performance – are they connected?

Study dives into past two decades’ major cyber events to see any possible correlations

Cyber events and stock market performance – are they connected?


By Kenneth Araullo

A new report focused on the cyber (re)insurance market, addressing concerns raised by ILS investors regarding the potential correlation between significant cyber events, stock market performance, and their impact on financial market asset exposures, has been released by Guy Carpenter.

Titled “Double Whammy? Examining the Correlation Between Major Cyber Events and Broad Market Performance,” the report was a collaborative effort between Guy Carpenter and Marsh McLennan’s Cyber Risk Intelligence Center.

Scrutinizing extensive industry and academic research, the study went on to establish that there is no clear link between observable historical cyber events and stock market downturns.

“Random noise in the market”

The study examines 14 major cyber events that occurred between January 1, 2000, and the present day, categorizing them into four distinct types:

  1. Mass breach or vulnerability events, including Solarwinds and NotPetya
  2. Mass service outages, exemplified by the 2011 Amazon Web Services and the 2016 Dyn DDoS attacks
  3. Critical infrastructure compromises, such as the Colonial Pipeline and Saudi Aramco incidents
  4. Financial market compromises, encompassing the 2010 Nasdaq breaches and the recent ION ransomware attack

To assess the potential adverse impact of a cyber event on the S&P 500, the research team also conducted a statistical analysis, examining the distribution of market returns immediately and shortly after the 14 historical events. The analysis concluded that none of these events had a significant impact on the distribution of market returns, with all falling “within the random noise in the market.”

Additionally, the report evaluates the events in comparison to the Chicago Board of Exchange (CBOE) Volatility Index (VIX), which measures expected volatility over the next 30 days. The study finds that none of the 14 events “led to meaningful rises or shifts in the VIX.”

Furthermore, the report draws a parallel between the impacts of cyber events and natural catastrophes on the S&P 500’s average 30-day performance. It notes that the market effect of both categories was “very similar to that of major hurricanes,” primarily causing significant one-time losses without inducing strategic changes in economic activity or investment.

“Our analysis demonstrates the lack of statistical correlation between widespread cyber events and stock market performance. The study also highlights that unlike natural catastrophe risks, the probability and impact of cyber-related risks can be mitigated with human intervention and AI-based cyber management tools, such as identifying and patching exploitable vulnerabilities in a timely manner. Cyber market participants can leverage our research findings to make informed decisions about their cyber strategy and attract new capital to support the sustainable growth of this insurance industry segment,” Guy Carpenter North American cyber analytics lead Jess Fung (pictured left) said.

Zain Awan (pictured right), international cyber ILS lead at Guy Carpenter, added that with the appropriate risk transfer structures, clear agreements on covered scenarios/events in cyber catastrophe transactions, and robust risk modeling, cedents and investors can be better positioned to engage and trade cyber risk exposures with confidence.

As part of its recent efforts to enhance underwriter performance and efficiency, Guy Carpenter also unveiled the next generation of its catastrophe analytics platform, GC AdvantagePoint, with new modules and features.

What are your thoughts on this story? Please feel free to share your comments below.

Related Stories

Keep up with the latest news and events

Join our mailing list, it’s free!