What is Environmental, Social, and Governance (ESG), and why the sudden focus?
Why does ESG Matter to Business, Government, and well, Everyone?
Governance is a necessary business function to operate with any degree of success. As investors seek opportunities that meet both a fiscal and the broader ESG objective, organizations that take ESG seriously will attract more capital and contract opportunities than those that do not. We have historically looked at pure financials to create shareholder value. However, with ESG reporting, we are now looking at the impact of large businesses across social parameters that align with societal needs. Most publicly traded organizations have an ESG report (essential but not required). All evidence points toward ESG becoming part of annual reports mandated and controlled by the Securities and Exchange Commission (SEC). You see, ESG will make it to the balance sheet eventually, through regulatory inclusiveness that seeks to homogenize business operations to a standard of practice generally acceptable to all. Companies that see this risk/reward opportunity right now will flourish while others play catch up for years.
As ESG forces everyone’s hand to put forth their corporate governance principles, the standard of business conduct, tax strategies, human rights policies, conflict materials strategy, supply chain resilience, and cybersecurity resources, along with others. It’s a race to be first, attract the most favorable terms from lenders in capital markets, and attract more investment and contract opportunities. Dare we say it, but ESG will become part of businesses moving into the future as a required effort and not voluntary.
Does this Really Matter? Who’s Buying In?
Make no mistake. ESG is here and now. Don’t look away. PwC and other progressive organizations see both the long-range impact of ESG on global markets and are putting their money where their mouth is.
Lets Talk About Cybersecurity and the Department of Defense
With an ever-increasing focus on cybersecurity, the Defense Industrial Base (DIB), with a forthcoming framework of trust and reciprocity based on the Biden Administration’s focus on Supply Chain Risk Management (SCRM), ESG will play a pivotal role in building companies for tomorrow’s mission, which will be a mix of financial success, but also look at corporate citizenship and an organization’s impact on the nation, and the world. As cybersecurity becomes a strong focus at the DoD, Federal Government, DIB, and publicly training companies alike, it’s just a matter of time until cybersecurity and risk management, through ESG, are reflected in the balance sheet of public firms. Cybersecurity may be the single largest risk that exists in the business environment at this time.
Imagine the scenario where you build propulsion systems for the DoD and have a 50-year successful track record of mission success. Now, imagine if your brand, infrastructure, and business get held hostage by a massive data breach and ransomware attack due to a USB drop with malware insertion or a social phishing hack. You just lost 50-terabytes of Controlled Unclassified Information, but along with this, some base Intellectual Property (IP) of the newest fighter jet. Well, now what? Should anyone be held responsible? Is anyone to blame? What’s the impact on the nation, the businesses involved, and the mission at large? Was Governenace to blame, or a lack of cybersecurity controls, tools, and staffing? Beyond brand and customer damage, we are now looking at shareholder value being impacted.
As the SEC focuses on ESG, Governance in Cybersecurity will reach the board room, the Chief Financial Officer’s (CFOs) room, and ultimately will lead to a risk-weighted cyber score quickly impacting capital costs such as new borrowing or currently open revolving vehicles. For example, if borrowing costs go up a 1/2 point at a Fortune 50, what’s the true long-term cost at this point? Likely FAR beyond what it would have costed to be ESG aligned and aware or compliant in a future case.
Companies like Bank of America are out in front, investing over One Billion dollars annually on cybersecurity controls, tools, and people. In part and due to the very nature of cybersecurity representing governance, banks and financial institutions far outspend and invest more than any other businesses in cybersecurity. A finance firm’s entire existence is a weighted measure of risk and reward, and with the SEC seeking resilient and stress-tested financial firms, governance is a key focus, and ESG is a key mechanism. However, when we compare what financial firms are spending vs. our very own DIB, the differences are staggering. The DoD, DIB, and Federal Government must get up to speed and fast, as our national security is at risk.
Meanwhile, with each new executive order in 2021, we keep seeing it clear as day. ESG will be part of the government and DoD’s strategy moving forward, to be prepared now. ESG will be part of Corporate America, the DoD, the DIB, and the globe, so get out in front today.
- Building Resilient Supply Chains, Revitalizing American Manufacturing and Fostering Broad-Based Growth: https://www.whitehouse.gov/wp-content/uploads/2021/06/100-day-supply-chain-review-report.pdf
- SEC Response to Climate and ESG Risks and Opportunities: https://www.sec.gov/sec-response-climate-and-esg-risks-and-opportunities
- SEC Announces Enforcement Task Force Focused on Climate and ESG Issues: https://www.sec.gov/news/press-release/2021-42
- Economy and Society: SEC commissioner addresses costs of new ESG disclosure rules: https://news.ballotpedia.org/2021/06/15/economy-and-society-sec-commissioner-addresses-costs-of-new-esg-disclosure-rules/
Hashtags: #SCRM #Cybersecurity #RiskManagement #Governance, #ESG, #SEC