Material Contract Redactions and Cybersecurity Breaches

Material contract redactions are designed to protect firms’ temporary proprietary information until contracts can come to fruition. Protecting confidential and proprietary information from potential public disclosure is important for a firm’s future. Redactions provide confidential treatment for up to ten years before the contract information must become public. However, the nondisclosure nature of redacting material contract information could nonetheless signal potential value to external stakeholders and attract cybersecurity breaches. In this study, we investigate whether redactions are associated with a greater likelihood of future breaches. We find that redactions are associated with greater probability of a breach in the three years immediately following a redaction. Further, the relationship appears driven by certain contracts and the actual act of redacting. Our results suggest that the act of redacting material contract information provides a signal about a firm’s disclosure behavior, increasing cybersecurity risks.