U.S. banks, corporations establish principles for cyber risk ratings firms

More than two dozen U.S. companies, including several big banks, have teamed up to establish shared principles that would allow them to better understand their cyber security ratings and to challenge them if necessary, the U.S. Chamber of Commerce said on Tuesday. Large corporations often use the ratings, the cyber equivalent of a FICO credit score, to assess how prepared the companies they work with are to withstand cyber attacks. Insurers also look at the ratings when they make underwriting decisions on cyber liability.

The group includes big banks like JPMorgan Chase & Co (JPM.N), Goldman Sachs Group Inc (GS.N) and Morgan Stanley (MS.N), as well as non-financial companies like coffee retailer Starbucks Corp (SBUX.O), health insurer Aetna Inc (AET.N) and home improvement chain Home Depot Inc (HD.N). They are organizing the effort through the Chamber of Commerce, a broad trade group for corporate America.