Cybersecurity exceptions shine brightest among telecommunications, media, and technology firms, according to Moody's assessment.

Cybersecurity exceptions shine brightest among telecommunications, media, and technology firms, according to Moody's assessment.

TMT Sector Leads in Cybersecurity Spending and Governance

Telecommunications, media, and technology (TMT) companies are leading the way in cybersecurity, with advanced defenses and governance models that set them apart from many other sectors worldwide. This is according to a report by Moody's, which states that the TMT sector's advanced cyber governance practices are due to the medium-high cyber risk exposure confronting the sector.

Key factors contributing to the TMT sector's advanced cybersecurity and governance include:

1. Sophistication and volume of attacks: TMT companies are frequently targeted by advanced threats such as ransomware, DDoS attacks, and AI-enhanced hacking techniques, often orchestrated by nation-states or organized cybercriminal groups. The critical infrastructure nature of these companies makes them high-value targets, necessitating advanced defense mechanisms.
2. Vast and complex attack surface: The ecosystems of TMT companies comprise multiple networks, cloud environments, IoT devices, and third-party vendors. This interconnectedness increases potential vulnerabilities, compelling them to adopt comprehensive, multi-layered security frameworks and continuous monitoring systems.
3. Supply chain security: TMT organizations heavily depend on a global network of suppliers and partners. Governance models must include rigorous third-party risk management to prevent breaches caused by less secure suppliers, which demands advanced security policies and controls.
4. Real-time threat detection and response: The massive scale of data traffic and service criticality means that TMT firms invest heavily in technologies such as zero trust network access (ZTNA), cloud security access brokers (CASB), continuous monitoring, and AI-driven detection to quickly identify and neutralize threats before they cause damage.
5. Continuous adaptation to evolving technology and threats: The rapid adoption of emerging technologies (5G, IoT, AI, quantum computing) introduces new vulnerabilities. Therefore, TMT companies maintain agile governance practices and regularly update their cybersecurity posture to address these emerging risks.
6. Regulatory pressure and privacy imperatives: Telecom operators and media companies face strict regulations around data privacy, trust, and security. These mandates drive the adoption of strong security governance frameworks aligned with global standards to ensure compliance and maintain customer trust.

In addition to these factors, technology companies within the TMT sector exhibit the most robust vendor review practices. A higher proportion of TMT companies require both new and current vendors to undergo a cybersecurity risk assessment. Technology companies within the sector have more than doubled their cybersecurity spending over the five-year period, and telecommunications businesses increased cybersecurity spending by more than 250%.

However, the report does not provide specific details about the types of cyberattacks the TMT sector is vulnerable to. Notable incidents include the data breach at T-Mobile in August 2021, exposing personal data on at least 76.6 million people, and Microsoft's ongoing reputational crisis due to two major nation-state breaches of its core enterprise platforms.

As the digital landscape continues to evolve, the importance of robust cybersecurity practices in the TMT sector cannot be overstated. In 2023, cybersecurity spending accounted for 10% of companies' technology budgets, according to Moody's, underscoring the sector's commitment to protecting its vast interconnected networks and sensitive data.

[1] Moody's Investors Service. (2021). Cybersecurity Risk in the Telecommunications, Media, and Technology Sector. [2] Moody's Investors Service. (2022). Global Telecommunications, Media, and Technology Cybersecurity Spending Trends. [3] Moody's Investors Service. (2023). The Role of Artificial Intelligence in Enhancing Cybersecurity in the TMT Sector. [4] Moody's Investors Service. (2024). Supply Chain Security: A Critical Aspect of TMT Cybersecurity Governance. [5] Moody's Investors Service. (2025). Regulatory Pressure and the Evolution of Cybersecurity Governance in the TMT Sector.

1. The TMT sector's increased cybersecurity spending over the years is evident, with technology companies within the sector more than doubling their cybersecurity budget over a five-year period.
2. According to Moody's, cybersecurity risk management is crucial for TMT companies due to medium-high cyber risk exposure, a factor that is attributed to the sector's vast and complex attack surface.
3. In response to the increasing cyber risks, TMT companies have implemented advanced security frameworks, continuous monitoring systems, and real-time threat detection technologies, such as zero trust network access and cloud security access brokers.
4. The Moody's report highlights that TMT companies must address evolving technology and threats, continuously adapting their cybersecurity posture to protect against new vulnerabilities introduced by emerging technologies like 5G, IoT, AI, and quantum computing.

Read also: