Effective cyber risk management should include the use of insurance not only to transfer cyber risk but also to provide incentives for insured enterprises to invest in cyber self-protection. Research indicates that asymmetric information, correlated loss, and interdependent security issues make...

This study investigates how voluntary cybersecurity risk management (CyRM) assurance affects non-professional investors’ judgments and decisions. The study also examines how the value relevance of CyRM assurance is altered when having such assurance is expected/unexpected. Employing an...

We develop a novel firm-level measure of cybersecurity risk using textual analysis of cybersecurity-risk disclosures in corporate filings. The measure successfully identifies firms extensively discussing cybersecurity risk in their 10-K, displays intuitive relations with quantitative measures of...

Using textual analysis and comparing cybersecurity-risk disclosures of firms that were hacked to others that were not, we propose a novel firm-level measure of cybersecurity risk for all US-listed firms. We then examine whether cybersecurity risk is priced in the cross-section of stock returns....

We develop a novel firm-level measure of cybersecurity risk using textual analysis of cybersecurity-risk disclosures in corporate filings. The measure successfully identifies firms extensively discussing cybersecurity risk in their 10-K, displays intuitive relations with quantitative measures of...

This paper examines the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations. The volatility influence of these cybercrime events is shown to be dependent on the number of clients exposed across all sectors and the type of the cyber security...

The scale and intensity of digital financial criminality has become more apparent and audacious over the past fifteen years. To counteract this escalating threat, financial technology (FinTech) and monetary and financial institutions (MFI) have attempted to upgrade their internal technological...

Based on technical assistance to central banks by the IMF’s Monetary and Capital Markets Department and Information Technology Department, this paper examines fintech and the related area of cybersecurity from the perspective of central bank risk management. The paper draws on findings from...

Cyber risk insurance has been introduced for more than two decades in the United States, yet the insurance market for cyber risk is tiny amounting to 1% ($6.5 billion) of premiums in the U.S. property-casualty insurance market in 2021. In this paper, we analyze what constrains the insurance...

This paper utilizes three large databases to better understand the characteristics of cyber loss events, especially how to deal with data biases and how cyber losses evolve over time. We first deal with the problem of report delay with an extended two-stage model in combination with detailed...