In financial markets, clients entrust their capital and data to financial infrastructure providers who are vulnerable to breaches. We develop a model in which infrastructure providers compete to provide secure and efficient client services, in the presence of a cyber-attacker. In equilibrium,...

A firm's failure to protect and control confidential information is posited to affect its cost of debt. Using a sample of 199 cybersecurity breaches from 2005 to 2014, I find a positive association between a cybersecurity breach and a firm's cost of privately placed debt. Compared with loans...

We develop a novel firm-level measure of cybersecurity risk using textual analysis of cybersecurity-risk disclosures in corporate filings. The measure successfully identifies firms extensively discussing cybersecurity risk in their 10-K, displays intuitive relations with quantitative measures of...

We develop a novel firm-level measure of cybersecurity risk using textual analysis of cybersecurity-risk disclosures in corporate filings. The measure successfully identifies firms extensively discussing cybersecurity risk in their 10-K, displays intuitive relations with quantitative measures of...

Using textual analysis and comparing cybersecurity-risk disclosures of firms that were hacked to others that were not, we propose a novel firm-level measure of cybersecurity risk for all US-listed firms. We then examine whether cybersecurity risk is priced in the cross-section of stock returns....

We develop a novel firm-level measure of cybersecurity risk using textual analysis of cybersecurity-risk disclosures in corporate filings. The measure successfully identifies firms extensively discussing cybersecurity risk in their 10-K, displays intuitive relations with quantitative measures of...

This study examines the impact of risk governance on cybercrime of selected listed firms in the Nigerian financial institutions. To achieve this, a sample size of 50 listed companies from the Nigerian financial sector was selected for the years 2013-2017, resulting in 250 observations. The study...

The cost of cybersecurity incidents is large and growing. However, conventional methods for measuring loss and choosing mitigation strategies use simplifying assumptions and are often not supported by cyber attack data. In this paper, we present a multivariate model for different, dependent...