Meeting 21st century investor relations challenges: Challenge 1 – Security
July 2021
In a series of four blogs, we will be exploring the investor relations challenges firms face today. In this first blog, we look in more detail at the security challenges inherent in investor communications, and what companies can do to tackle them.
During the Covid-19 pandemic, companies have showed an impressive ability to react to unprecedented global events. Investor relations is one area where businesses have transformed their approach, deftly moving their investor roadshows to online videoconferencing, and emailing investor presentations instead of hosting in-person meetings with glossy handouts.
But this new virtual approach isn’t without its risks. Security is identified as one of the 5 key issues you need to consider when choosing a data room provider for your virtual investor communications and roadshows. What are the security considerations you must be aware of, and how can you reduce the risks of security breaches when sharing investor information?
Risk 1: Hacking
Emails can easily be hacked: it was recently revealed that 3.3 billion emails and passwords have been leaked on a popular hacking forum in what CyberNews called the “mother of all breaches”. This opens victims’ accounts to cybercriminals, who will steal ransom-sensitive information they find in inboxes.
Risk 2: Emails going astray
When emailing vital material, there’s always a chance that it will get lost in the recipient’s spam filter. But this is the least of an investor relations professional’s problems if using email to send investor communications.
Emails frequently go astray, sending confidential information into the wrong hands. The Information Commissioner’s Office, the UK’s data watchdog, found that 15% of all data breaches and 22% of all non-cyber-related security incidents reported to it in the second quarter of 2020-21 resulted from emails being sent to the wrong person.
Risk 3: Loss or theft of confidential information
If email poses such a risk, maybe sending information in hard copy is the answer. But this doesn’t prevent data hazards either. The same ICO report saw the loss or theft of paperwork or data left in an unsecure location account for a further 5% of all data breaches and 8% of non-cyber incidents.
Risk 4: Video conferencing
Video conferencing has become the go-to for internal catch-ups, client meetings and even investor roadshows during the pandemic. In many ways, virtual investor events offer advantages over their in-person equivalents, but there are security concerns too; you need to ensure that any solution you invest in adheres to security best practices.
When it comes to the security risks of investor relations, the potential implications are significant.
From possible GDPR and other regulatory breaches, to the risk of confidential information reaching the wrong eyes – relying on email or other insecure solutions to share sensitive investor information comes with numerous dangers.
The solution – taking a highly-secure approach to investor relations
To minimise these risks, you need to ensure your approach to investor communications is watertight. Virtual investor roadshow platforms can be the answer here. The best ones use the same ultra-secure systems behind electronic data rooms, where confidential information is kept for potential investors to inspect online during M&As.
The technology is tried and tested. The stored data is encrypted (unlike email attachments), and users are required to pass a two-factor authentication process and agree to disclaimers (which can be individually tailored) before they can access it. Permission-based access limits how much detail individual investors can see, and a detailed activity dashboard provides invaluable insights as well as creating a compliant paper trail.
Engage is Perivan’s highly secure data room. It provides an easily structured “data room” for all stakeholder documentation and gives great insights into investor activity and appetite.
Nothing in this document should be treated as an authoritative statement of the law. Action should not be taken as a result of this document alone. We make no warranty and accept no responsibility for consequences arising from relying on this document.