The group includes big banks like JPMorgan Chase & Co (>> JP Morgan Chase & Company), Goldman Sachs Group Inc (>> Goldman Sachs Group) and Morgan Stanley (>> Morgan Stanley), as well as non-financial companies like coffee retailer Starbucks Corp (>> Starbucks Corporation), health insurer Aetna Inc (>> Aetna Inc) and home improvement chain Home Depot Inc (>> Home Depot (The)). They are organizing the effort through the Chamber of Commerce, a broad trade group for corporate America.
The move comes in response to the emergence of such startups as BitSight Technologies, RiskRecon and SecurityScorecard that collect and analyze large swaths of data to rate companies on cyber security.
As these startups have gained prominence and venture capital funding, the companies they rate have complained of a lack of transparency.
"The challenge is that their (startups') methodologies are proprietary and there hasn’t been transparency on how they go about creating the ratings," JPMorgan Global Chief Information Security Officer Rohan Amin said in an interview.
The financial services industry is among the most vulnerable to cyber crime because of the massive amount of money and valuable data that banks, brokerages and investment firms process each day. Several technology companies, including Microsoft Corp (>> Microsoft Corporation) and Verizon Communications Inc (>> Verizon Communications), also support the principles being developed, as do the cyber ratings firms, the Chamber of Commerce said.
Ratings issued by those companies could help guide the standards being set by U.S. corporations. BitSight, for example, rates companies on a scale of 250 to 900 with a higher rating indicating better security performance.
"For organizations to use your platform you have to demonstrate trustworthiness and reliability," said Jake Olcott, BitSight's vice president of strategic partnerships.
(Reporting by Anna Irrera and Olivia Oran in New York; Editing by Lauren Tara LaCapra and Lisa Von Ahn)
By Anna Irrera and Olivia Oran