ISE Cyber Security Industry Classification



Similar documents
ISE CLOUD COMPUTING TM INDEX

Achieving SOX Compliance with Masergy Security Professional Services

NETWORK AND CERTIFICATE SYSTEM SECURITY REQUIREMENTS

Dow Jones Composite All REIT Indices Methodology

Larry Wilson Version 1.0 November, University Cyber-security Program Critical Asset Mapping

Individuals can nominate their own work and multiple individuals within one organization can be nominated, albeit from discrete business units.

74% 96 Action Items. Compliance

The Return on Disability Company

Technical Accounting Alert

LONDON STOCK EXCHANGE HIGH GROWTH SEGMENT RULEBOOK 27 March 2013

Indxx SuperDividend U.S. Low Volatility Index

Looking at the SANS 20 Critical Security Controls

Consensus Policy Resource Community. Lab Security Policy

MSCI Global Investable Market Indices Methodology

Complying with the Federal Information Security Management Act. Parallels with Sarbanes-Oxley Compliance

INDEX METHODOLOGY MSCI REIT PREFERRED. Index Construction and Maintenance Methodology for the MSCI REIT Preferred Index.

INVESTRAN DATA EXCHANGE

Symphony Plus Cyber security for the power and water industries

MSCI Global Investable Market Indices Methodology

Summary Prospectus August 28, 2015, as revised September 21, 2015

A host-based firewall can be used in addition to a network-based firewall to provide multiple layers of protection.

STRATEGIC POLICY. Information Security Policy Documentation. Network Management Policy. 1. Introduction

Harnessing Innovation and Growth Within Tech

PureFunds ISE Cyber Security ETF (the Fund ) June 18, Supplement to the Summary Prospectus dated November 7, 2014

EA-ISP-012-Network Management Policy

Information Technology Policy

RoD Canada 50 Tracking Index Methodology July 2014

Guardian Digital Secure Mail Suite Quick Start Guide

Company Co. Inc. LLC. LAN Domain Network Security Best Practices. An integrated approach to securing Company Co. Inc.

TICSA. Telecommunications (Interception Capability and Security) Act Guidance for Network Operators.

Enterprise Security Architecture

Oracle Maps Cloud Service Enterprise Hosting and Delivery Policies Effective Date: October 1, 2015 Version 1.0

How To Configure Forefront Threat Management Gateway (Forefront) For An Server

INFORMATION TECHNOLOGY ENGINEER V

MANAGED SECURITY SERVICES

DISCLOSURE BROCHURE (FORM ADV, PART 2A) AMERIVEST INVESTMENT MANAGEMENT, LLC SEC File No Main: Fax:

Online Lead Generation: Data Security Best Practices

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

How To Ensure The C.E.A.S.A

BMO Global Asset Management (Asia) Limited 11 February 2016

Compliance series Guide to meeting requirements of the UK Government Cyber Essentials Scheme

Information Technology Branch Access Control Technical Standard

Case 2:13-cv ES-JAD Document Filed 12/09/15 Page 1 of 116 PageID: Appendix A

IP Telephony Management

A Practical Approach to Threat Modeling

Your Guide to E*TRADE s Platinum Independent Advisor Platform

Best Practices in ICS Security for System Operators. A Wurldtech White Paper

Lecture 23: Firewalls

TABLE OF CONTENTS. Section 5 IPv Introduction Definitions DoD IPv6 Profile Product Requirements...

Continuous Disclosure and Market Communication Policy

PCN Cyber-security Considerations for Manufacturers. Based on Chevron Phillips Chemical Company PCN Architecture Design and Philosophy

Anthony J. Albanese, Acting Superintendent of Financial Services. Financial and Banking Information Infrastructure Committee (FBIIC) Members:

Supplier Security Assessment Questionnaire

Information Technology Cyber Security Policy

UNCLASSIFIED (U) U.S. Department of State Foreign Affairs Manual Volume 5 Information Management 5 FAM 870 NETWORKS

Computer Networking. Definitions. Introduction

Computer and Network Security Policy

An Overview of Information Security Frameworks. Presented to TIF September 25, 2013

BEFORE THE BOARD OF COUNTY COMMISSIONERS FOR MULTNOMAH COUNTY, OREGON RESOLUTION NO

The Protection Mission a constant endeavor

SUPPLIER SECURITY STANDARD

TEAL: Transparent Archiving Library

Cyber security. ETFS ISE Cyber Security GO UCITS ETF. Investing in a safer digital future

WildFire Reporting. WildFire Administrator s Guide 55. Copyright Palo Alto Networks

How a Company s IT Systems Can Be Breached Despite Strict Security Protocols

Virtual LAN Configuration Guide Version 9

THE U.S. INFRASTRUCTURE EFFECT INTERVIEW BY CAROL CAMERON

Physical Protection Policy Sample (Required Written Policy)

Logical Operations CyberSec First Responder: Threat Detection and Response (CFR) Exam CFR-110

Security Controls What Works. Southside Virginia Community College: Security Awareness

Routing Security Server failure detection and recovery Protocol support Redundancy

VMware vcloud Air. Enterprise IT Hybrid Data Center TECHNICAL MARKETING DOCUMENTATION

Defined contribution workplace pensions: The audit of charges and benefits in legacy schemes

APPENDIX 3 TO SCHEDULE 3.3 SECURITY SERVICES SOW

How To Protect Your Data From Being Stolen

This is a preview - click here to buy the full publication

Rule 4-004M Payment Card Industry (PCI) Monitoring, Logging and Audit (proposed)

Securing Virtualization with Check Point and Consolidation with Virtualized Security

db x-trackers MSCI World Telecom Services Index UCITS ETF (Prospective DR) 1 Supplement to the Prospectus

Nuclear Plant Information Security A Management Overview

BME CLEARING s Business Continuity Policy

Pricelist Template Form

Payment Card Industry (PCI) Data Security Standard. Summary of Changes from PCI DSS Version 2.0 to 3.0

Chapter 15: Advanced Networks

Business resilience: The best defense is a good offense

Network Services Internet VPN

Continuous compliance through good governance

Information Technology Security Guideline. Network Security Zoning

Document process management solutions for MiFID compliance

can you simplify your infrastructure?

Transcription:

Industry Classification Methodology Guide ISE Cyber Security Industry Classification Issue 1.0 Issue date: August 26, 2015 Produced by: International Securities Exchange, LLC 60 Broad Street, New York NY 10004 www.ise.com 1

Table of Contents Chapter 1. Introduction... 3 Chapter 2. Industry Classification... 4 2.1. Structure and Changes... 4 2.2. Classification Guidelines... 4 2.3. Infrastructure Provider... 5 2.4. Service Provider... 5 Chapter 3. Classification Committee... 6 Chapter 4. Contact... 7

Chapter 1. Introduction Given the lack of an existing generally accepted equity classification scheme identifying and cataloging equity securities of companies involved in the cyber security industry, the ISE Cyber Security Industry Classification was developed by ISE. The ISE Cyber Security Industry Classification provides a framework for investment research, portfolio management and asset allocation. Eligible companies are publicly listed on exchanges globally and derive all or a material proportion of their revenues from cyber security or cyber security-related activities. ISE is responsible for the classification of companies within the ISE Cyber Security Industry Classification, maintenance of the database of companies comprising the ISE Cyber Security Industry Classification, including the history of changes, and the timely communication of any updates to licensees of the data. 3

Chapter 2. Industry Classification 2.1. Structure and Changes The Classification Committee will rely primarily on published audited annual reports and discussions with company investor relations groups, industry participants and experts to vet companies for inclusion and determine their classification. Companies are allocated into a category based on the focus of their business. In cases where a company s business straddles two or more segments, a final category determination will be made based on audited reported revenue segments as well as discussions with that company s investor relations group. Qualified and newly listed companies are assessed and approved by the Classification Committee for inclusion in the ISE Cyber Security Industry Classification. As the cyber security industry continues to evolve, the framework of the ISE Cyber Security Industry Classification will evolve in order to accurately reflect the thencurrent state of the cyber security industry. Any adjustments to the framework of the ISE Cyber Security Industry Classification will be based on long-term trends driving the cyber security industry and will be announced in advance of implementation. In the event of a significant change to a company s structure or business, its classification may be reviewed on an ad hoc basis. Events triggering a review include, but are not limited to: mergers, acquisitions, bankruptcy and delisting. Companies will also undergo a quarterly review. Companies may not apply, and may not be nominated for inclusion in the ISE Cyber Security Industry Classification. Additions and deletions to the list of companies eligible for classification may occur on an ad hoc basis and is dependent wholly on the reported activities of those companies. No changes in the ISE Cyber Security Index Classification will be based on nonpublic information. 2.2. Classification Guidelines All equities listed on exchanges globally are eligible for review. Companies are classified quantitatively and qualitatively. Each company is assigned to a single category according to its principal business activity based on audited financial reporting including the director s report. ISE uses revenues as a key factor in determining a company s principal business activity. Earnings and market perception are also recognized as important and relevant information for categorization purposes and are taken into account during the review process. The scope of the definition of cyber security can be quite broad. For the purposes of the ISE Cyber Security Index Classification, we consider cyber security to be concerned with enabling the protection of and secure communication between unique nodes of the internet from both external and internal threats. The basic eligibility determinant for inclusion in the ISE Cyber Security Index Classification is that prospective companies are either those which work to develop hardware and/or software that safeguards access to files, websites and networks from external origins or those that utilize these tools to provide consulting and/or secure cyber based services to their clients. 4

These two categorizations have been labeled as: i) Infrastructure Provider a company that is a direct provider of hardware or software for cyber security and for which cyber security business activities are the key driver of the business or, ii) Service Provider a company whose business model is defined by its role in providing secure cyber based services and for which those business activities are a key driver of the business. 2.3. Infrastructure Provider These companies provide hardware and/or software that help route and regulate message traffic in and out of networks. Anti-Virus - Companies providing anti-virus solutions fall into the definition of Infrastructure Provider as they provide protection against threats originating from external sources. Network Security - Examples of the type of network hardware products these companies produce include gateways, routers, bridges and switches. The set of operating instructions and security, referred to as a firewall, is usually bundled with the specific hardware element by the manufacturer although third party software can often be adapted to work outside of its native environment. In the case of firewalls, often times, third-party solutions can provide more robust solutions than those packaged with network hardware. 2.4. Service Provider These companies provide services that fall outside the narrow definition of Infrastructure Provider. Service Providers allow for their clients to conduct business securely while Infrastructure Providers are providing security itself. For example, a company may be engaged in domain name management or managing the efficient routing of internet traffic but do not have the responsibility for the security of the domains themselves or the nature of the traffic they are routing. Another example would be companies involved in the manufacture of secure credit cards, network authentication devices and/or electronic identity documents. 5

Chapter 3. Classification Committee The Classification Committee is comprised of employees of ISE. Additional resources include direct contact with companies engaged in cyber security and industry associations supporting the cyber security industry. The Classification Committee will meet on a quarterly basis to discuss any proposed changes to the ISE Cyber Security Industry Classification. Ad hoc meetings may be convened at the discretion of the Classification Committee. Meetings will typically consist of discussion and review of the framework and company classifications to ensure that the ISE Cyber Security Industry Classification continues to reflect the then-current state of the cyber security industry. 6

Chapter 4. Contact For any questions regarding the policies and procedures outlined in this document or for information regarding data licensing opportunities, please contact the ISE ETF Ventures Group by mail at: ISE ETF Ventures 60 Broad Street New York, NY 10004 U.S.A. Or by email at: etfventures@ise.com 7

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information