Access comprehensive financial analyses and make smarter investments - get the Manual of Investments on Amazon!
  Get the Manual of Investments on Amazon!
Subscribe

MCO
FINANCE
DIVERSIFIED FINANCIAL
UNITED STATES

Moody's 10-K Report Highlights Cybersecurity Practices

By Tamara Parker • Sunday, February 16 10:18 • Permanent Link

Moody's Corporation recently released its 10-K report, providing a comprehensive overview of the company's financial performance and operations. Moody's Corporation operates as an integrated risk assessment firm worldwide, with two main segments * Moody's Analytics and Moody's Investors Services. The Moody's Analytics segment offers a range of products and services to support risk management activities in financial markets, while the Moody's Investors Service segment publishes credit ratings and provides assessment services on various debt obligations and entities.

In its 10-K report, Moody's detailed its cybersecurity and risk management practices. The company maintains a dedicated internal cybersecurity team that interacts with executive management and its business units to identify, assess, manage, and respond to cybersecurity risks and incidents relating to the company’s information systems and operations. At the end of 2024, the internal cybersecurity team consisted of members located in various countries and time zones across the world, with expertise in governance, risk management and compliance, threat monitoring, and cyber incident management.

Moody's also outlined its Cyber Committee, responsible for identifying cybersecurity risks and threats, recommending mitigating actions, and validating that the company has appropriate capabilities to identify, mitigate, and report on cybersecurity risks to the executive leadership team and the Board of Directors. The company's cybersecurity program leverages the NIST Framework and incorporates training and awareness, ongoing monitoring and assessment, and periodic internal and external reviews.

The company's cybersecurity environment is subject to routine vulnerability assessment processes, including penetration testing, red teaming, tabletop exercises, and phishing drills. Moreover, the company contracts with reputable third parties to conduct annual external assessments of its cybersecurity program and its components. Moody's also has an Information Security Policy and Information Security Standards in place, which describe the standards and minimum requirements expected of all business and information security personnel to protect the company’s information and technology assets.

The 10-K report emphasizes the dynamic and volatile nature of the cybersecurity threat landscape, highlighting the significant investment required in terms of talent recruitment and retention, as well as procuring and deploying the correct tools to address threats. The report also directs readers to Item 1A of Part I, “Risk Factors,” under the heading “Technology Risks,” for additional information on cybersecurity risks.

The market has reacted to these announcements by moving the company's shares -0.9% to a price of $522.84. For more information, read the company's full 10-K submission here.

The above analysis is intended for educational purposes only and was performed on the basis of publicly available data. It is not to be construed as a recommendation to buy or sell any security. Any buy, sell, or other recommendations mentioned in the article are direct quotations of consensus recommendations from the analysts covering the stock, and do not represent the opinions of Market Inference or its writers. Past performance, accounting data, and inferences about market position and corporate valuation are not reliable indicators of future price movements. Market Inference does not provide financial advice. Investors should conduct their own review and analysis of any company of interest before making an investment decision.

IN FOCUS

BABA
TCTZF
EDITORIAL
When Buying a Share Doesn't Get You a Piece of the Business
Value investors believe that owning a stock is owning a slice of the underlying business… but this isn’t always true. Innovative corporate forms such as Special Purpose Vehicles (SPV) and (Variable Interest Entities (VIE) allow businesses to raise capital through equity issues while...
2023-04-15
DXC
HBI
ARMK
Do Equity Analysts Know How to Pick Winning Stocks?
Columbia Business school publishes a biannual investing newsletter, in which MBA students compete for the best stock analysis and pitch. The newsletter is called “Graham & Doddsville” — a reference to Warren Buffett’s repudiation of the efficient market theory on the basis that mere...
2023-03-07
Here Are the Facts You Need to Understand UMC
TAIWAN
Briefing on the Fundamentals of lululemon athletica inc.
DEPARTMENT STORE
What Is the Bullish Thesis on Procter & Gamble Company (PG)?
HOUSEHOLD & PERSONAL PRODUCTS
Essential Facts About Cigna
HEALTH CARE
Read This to Understand Masco Stock
BUILDING PRODUCTS & EQUIPMENT
What the Smart Investors Know About Warner Music
WMG
Don't Judge Cardinal Health on Technicals Alone - Check Its Fundamentals!
UNITED STATES
Thinking of Buying BioNTech SE (BNTX)? Here's What You Need to Know.
BIOTECHNOLOGY
Thinking of Selling EHC After Today's Rally? Consider This First.
EHC
Latest
Here's a Quick Look Into the Fundamentals of Tenet Healthcare Stock
Briefing on the Fundamentals of Agilent Technologies
What Should You Know About RE/MAX Before Investing?
Take This Into Account Before Investing in RCL
How Profitable is Freedom (FRHC)?
Quick Briefing on Waste Connections
Why Are People Talking About Investing in ELAN?
Preminium Access