INTEGRUM ESG
Request a Demo
INTEGRUM ESG
Request a Demo
Why cyber risk is ESG risk - lessons from Europe’s airport crisis
9/22/2025 ~ 12:00:00 AM
< Browse all Insights

A cyberattack on Europe’s airport systems shows why cyber risk is not just a technology issue. It is governance risk, part of ESG, and it creates direct financial exposure.

 

What happened?

On 20-22 September 2025, a cyberattack on Collins Aerospace’s MUSE platform - the check-in and baggage system used across Europe - caused widespread disruption at Heathrow, Brussels, Berlin, and Dublin.

Passengers faced long queues, delays, and cancellations as airports were forced to revert to manual processing.

Airlines incurred significant operational costs, while frustrated travellers took to social media, amplifying the reputational impact.

 

The reputational fallout

The Integrum Platform tracked the incident in real time. Capturing the story breaking on Saturday, ESG sentiment around RTX Corporation (Collins Aerospace’s parent company) continued to drop, falling to a low of -99.7% as of Monday morning.

This sharp decline shows how reputational damage can unfold within hours, with investors, regulators, and stakeholders responding almost instantly.

 

The financial cost

According to EUROCONTROL benchmarks, each cancelled flight typically costs airlines tens of thousands of euros, while every minute of delay adds hundreds more.

With more than a hundred cancellations and extensive delays across Europe’s busiest hubs, the disruption likely translated into multi-million-euro losses.

This was not an IT glitch. It was a failure of governance in the supply chain.

 

Why cyber risk is ESG risk

The airport disruption highlights a wider truth: cyber risk is ESG risk. Governance practices and reporting frameworks are not yet fully adapted to capture it.

Cybersecurity is governance. Treating it as a narrow IT issue ignores its systemic financial and reputational impact.

Third-party risk is material. A single vendor failure disrupted multiple airports, showing how fragile supply chains can be.

Frameworks lag behind. ESRS and GRI reference continuity and privacy but do not explicitly cover cyber and supplier governance.

Trust moves quickly. Stakeholder confidence, as shown in live sentiment data, can collapse in hours.

 

Key Takeaways

Cybersecurity, governance, and financial outcomes are inseparable.

Oversight of suppliers and continuity planning must be a central part of governance.

Regulators and investors will increasingly expect auditable, formal processes for cyber and third-party risk management.

 

How Integrum ESG helps investors react and mitigate risk

Integrum ESG provides investors with decision-ready data and analytics so you can see emerging governance and cyber-related risks early, quantify potential impact, and act.

Our ESG Risk Intelligence solutions include:

• Live sentiment and controversy tracking - capture reputational shifts in real time, as we did when RTX Corporation’s sentiment dropped to -99.7% over the weekend.

• Governance-focused analytics - classify cyber incidents as governance risk and flag material events with direct financial relevance.

• Portfolio exposure insights - show where your holdings are linked to companies, sectors, or suppliers facing governance-driven disruption.

This gives investors the ability to respond quickly - whether by rebalancing, hedging, or engaging - before risks become fully priced into markets.

ESG Intelligence which is fast, transparent and affordable - only on the Integrum Platform.

INTEGRUM ESG
Have a question? We're here to help.
Call us on 020 3327 1555.
ABOUT US
THE PLATFORM
INFO
© 2025 INTEGRUM ESG. All rights reserved. Integrum and Geosphere are trading names of Integrum ESG Limited.