Internet Explorer is not supported on this site. For an optimal experience, please use a modern browser, such as Chrome, Edge, Firefox, or Safari.
Data privacy

The growing intersection of supply chains, connectivity and access to data is increasing the potential for cyber-attacks.

We provide insights, solutions and data to organizations and governments worldwide. We protect the data and security of our stakeholders, investing in world-class IT systems and infrastructure. Our employees uphold our security-first philosophy, and we hold our third-party partners to this same standard.

The global pandemic and remote work raised new threats in cybersecurity.

Moody’s built on its existing disaster preparedness capabilities for working from home with enhanced training on new methods for cyber-attack management. We continue to monitor and strengthen our IT infrastructure and partner with leading organizations to share cutting-edge security solutions.
Security management
We combine expertise and technological innovation to outpace emerging threats.

Our employees take cybersecurity training to better recognize and respond to potential threats including attack and phishing simulation exercises several times a year. We provide training portals on emerging cyber threats that help educate software development teams on secure coding practices.
Data protection
Our policies comply with the data privacy laws in the jurisdictions in which we operate. Moody’s Privacy Policy explains how we collect personal information, how we use, disclose and protect such information, and the choices our customers have concerning use of such data.

Reasonable organizational and technical measures were implemented to protect personal information within our organization, and our employees are required to take privacy and information security training that covers these concepts.

how we meet our data governance obligations