- New
-
Topics
- All Categories
- Metaphysics and Epistemology
- Value Theory
- Science, Logic, and Mathematics
- Science, Logic, and Mathematics
- Logic and Philosophy of Logic
- Philosophy of Biology
- Philosophy of Cognitive Science
- Philosophy of Computing and Information
- Philosophy of Mathematics
- Philosophy of Physical Science
- Philosophy of Social Science
- Philosophy of Probability
- General Philosophy of Science
- Philosophy of Science, Misc
- History of Western Philosophy
- Philosophical Traditions
- Philosophy, Misc
- Other Academic Areas
- Journals
- Submit material
- More
Is Cybersecurity Risk Factor Disclosure Informative? Evidence from Disclosures Following a Data Breach
Journal of Business Ethics 187 (1):199-224 (2023)
Abstract
By examining managers’ decisions about disclosing updated assessments of firms’ risks, we present evidence that the risk factor disclosures are informative. We use the setting of cybersecurity risk factor disclosures after a data breach because data breaches, especially severe breaches, serve as a natural experiment where an exogenous shock to managers’ assessment of their firm’s cybersecurity risks occurs. We analyze the topic from the perspective of two different theoretical lenses: the economic lens of optimal risk exposure and the ethical lens of stakeholder theory. Using a sample of firms experiencing data breaches, we find that firms experiencing a data breach increase the amount of cybersecurity risk factor disclosures compared to matched firms with no data breach. Further investigation reveals that the severity of data breaches affects the results; cybersecurity risk factor disclosures increase only after severe data breaches. While there is no significant market reaction if breached firms’ subsequent annual reports include increased cybersecurity risk factor disclosures, a significant negative market reaction occurs if breached firms decrease cybersecurity risk factor disclosures, regardless of the severity of the breach, implying that the market anticipates increased disclosures after data breaches.My notes
Similar books and articles
Board Gender Diversity and Corporate Response to Cyber Risk: Evidence from Cybersecurity Related Disclosure.Camélia Radu & Nadia Smaili - 2022 - Journal of Business Ethics 177 (2):351-374.
Corporate social responsibility and financial disclosures: An alternative explanation for increased disclosure. [REVIEW]David S. Gelb & Joyce A. Strawser - 2001 - Journal of Business Ethics 33 (1):1 - 13.
The effects of brand placement disclosures on skepticism and brand memory.Sophie C. Boerman, Karolina Tutaj & Eva A. van Reijmersdal - 2013 - Communications 38 (2):127-146.
Correction to: Board Gender Diversity and Corporate Response to Cyber Risk: Evidence from Cybersecurity Related Disclosure.Camélia Radu & Nadia Smaili - 2022 - Journal of Business Ethics 177 (2):375-375.
Risk of disclosure of participating in an internet-based HIV behavioural risk study of men who have sex with men.C. M. Khosropour & P. S. Sullivan - 2011 - Journal of Medical Ethics 37 (12):768-769.
Stakeholder Perceptions of Risk in Mandatory Corporate Responsibility Disclosure.Lisa Baudot, Zhongwei Huang & Dana Wallace - 2020 - Journal of Business Ethics 172 (1):151-174.
Ethical issues in therapy: Therapist self-disclosure of sexual feelings.Craig D. Fisher - 2004 - Ethics and Behavior 14 (2):105 – 121.
Maybe If We Turn It Off and Then Turn It Back On Again? Exploring Health Care Reform as a Means to Curb Cyber Attacks.Deborah R. Farringer - 2019 - Journal of Law, Medicine and Ethics 47 (S4):91-102.
Clients’ Experience of Therapist-Disclosure: Helpful and Hindering Factors and Conditions.Lorato Kenosi & Duncan Cartwright - 2018 - Indo-Pacific Journal of Phenomenology 18 (2):155-166.
The Normativity and Legitimacy of CSR Disclosure: Evidence from France.Jean-Noël Chauvey, Sophie Giordano-Spring, Charles H. Cho & Dennis M. Patten - 2015 - Journal of Business Ethics 130 (4):789-803.
Informed Consent: Physician Inexperience is a Material Risk for Patients.Richard J. Veerapen - 2007 - Journal of Law, Medicine and Ethics 35 (3):478-485.
Environmental and Social Disclosures and Firm Risk.Mohammed Benlemlih, Amama Shaukat, Yan Qiu & Grzegorz Trojanowski - 2018 - Journal of Business Ethics 152 (3):613-626.
On the Value of Corporate Social Responsibility Disclosure: An Empirical Investigation of Corporate Bond Issues in China.Guangming Gong, Si Xu & Xun Gong - 2018 - Journal of Business Ethics 150 (1):227-258.
Managing Cybersecurity Risks of SCADA Networks of Critical Infrastructures in the IoT Environment.Stephen Kwamena Aikins - 2019 - In Zaigham Mahmood (ed.), Security, Privacy and Trust in the Iot Environment. Springer Verlag. pp. 3-23.
Analytics
Added to PP
2022-04-19
Downloads
14 (#934,671)
6 months
9 (#250,037)
2022-04-19
Downloads
14 (#934,671)
6 months
9 (#250,037)
Historical graph of downloads
References found in this work
A Feminist Reinterpretation of The Stakeholder Concept.R. Edward Freeman - 1994 - Business Ethics Quarterly 4 (4):475-497.
Defining ‘business ethics’: Like nailing jello to a wall.Phillip V. Lewis - 1985 - Journal of Business Ethics 4 (5):377-383.
Board Gender Diversity and Corporate Response to Cyber Risk: Evidence from Cybersecurity Related Disclosure.Camélia Radu & Nadia Smaili - 2022 - Journal of Business Ethics 177 (2):351-374.
Stakeholder Perceptions of Risk in Mandatory Corporate Responsibility Disclosure.Lisa Baudot, Zhongwei Huang & Dana Wallace - 2020 - Journal of Business Ethics 172 (1):151-174.
The Value of Apology: How do Corporate Apologies Moderate the Stock Market Reaction to Non-Financial Corporate Crises?Marie Racine, Craig Wilson & Michael Wynes - 2020 - Journal of Business Ethics 163 (3):485-505.
PhilPapers logo by Andrea Andrews and Meghan Driscoll.
This site uses cookies and Google Analytics (see our terms & conditions for details regarding the privacy implications). Use of this site is subject to terms & conditions.
All rights reserved by The PhilPapers Foundation
Server: philpapers-web-7c76586df8-pp8v9 uwo