..., particularly relating to a firm’s cybersecurity activities. However, the transition and integration of the new framework into existing control systems could fail to meet the framework’s guiding principles, potentially increasing a firm’s risks. We examine whether COSO 2013 framework adoption is associated...

...Stel Valavanis cybersecurity cybersecurity maturity The author of this article serves as CEO of onShore Security, a CyberMaxx company. The views expressed in this article are those of the author and do not reflect the official position of onShore Security. Stel Valavanis...

... (MDA) disclosures in 10-X reports. In this context, we explore if sentiment types are informative when associated with other material events, namely cybersecurity breaches. Our results support the assertion that sentiment types, beyond positive and negative, are informative at the individual disclosure...

...Chris Zhijian He; JiangBo HuangFu; Mark Kohlbeck; Lin Wang ABSTRACT Cybersecurity breaches (CBs) negatively influence the breached firms’ business functions, including their innovative investments. Recent research documents a spillover effect of CBs into supply chain firm performance. We extend...

...Barri Litt; Paul Tanyi; Marcia Weidenmier Watson ABSTRACT Public company investors rely on the Big 4 audit firms to provide assurance over internal controls and financial reporting. What, then, would happen if one of these very assurance providers suffered its own cybersecurity breach? We examine...

... the AC's monitoring ability and oversight of cybersecurity risks. Chu Chen and Caroline Hartmann, Texas A&M University–Commerce, Department of Accounting and Finance, Commerce, TX, USA; Anne Gottfried, The University of Texas at Arlington, Marketing Department, Arlington, TX, USA. Editor's...

... employees are more susceptible to being phished than professional services firm employees, but within the bank, the employees with professional certificates are less susceptible to phishing attacks than other bank employees. Also, employees with self-reported responsibility for cybersecurity are less likely...

... IT management issues during 2014–2017 and their effect on firm profitability. According to the SIM surveys, the top two IT issues management prioritizes are security/cybersecurity/privacy and IT alignment with the business. We find that firms that prioritize these two IT management issues exhibit higher...

...Wanying Jiang; Joseph Legoria; Kenneth J. Reichelt; Stephanie Walton ABSTRACT Increasingly, firms are subject to rising cybersecurity risks. One way that firms can communicate cybersecurity uncertainty and reduce information asymmetry with external stakeholders is through cybersecurity risk...

...Arion Cheong; Kyunghee Yoon; Soohyun Cho; Won Gyun No ABSTRACT Cybersecurity has garnered much attention due to the increasing frequency and cost of cybersecurity incidents and has become a significant concern for organizations and governments. Regulators such as the Securities and Exchange...

...Nancy Lankton; Jean B. Price; Mohammad Karim ABSTRACT Cybersecurity is a serious and growing risk for organizations. Firms with board of director involvement in information technology governance (ITG) may be better equipped to deal with this risk. Yet little is known about the audit committee's...

...Stephanie Walton; Patrick R. Wheeler; Yiyang (Ian) Zhang; Xinlei (Ray) Zhao ABSTRACT Advances in information technology have greatly changed communications and business transactions between firms and their customers and suppliers. As a result, cybersecurity risk attracts ever increasing attention...

...Nirmalee I. Raddatz; Joshua G. Coyne; Bradley S. Trinkle ABSTRACT The purpose of this paper is to investigate the effect of internal motivators (psychological ownership, perceived control, and self-efficacy) on employees' intention to protect organizational data. The threat of cybersecurity...

...Andrea Seaton Kelton; Robin R. Pennington ABSTRACT In this study, we investigate the negative impact of a cybersecurity breach on a bystander (i.e., non-breached) firm in the same industry, referred to as investment contagion effects, and whether voluntary cybersecurity disclosures mitigate...

...Chris Zhijian He; Tracie Frost; Robert E. Pinsker ABSTRACT Many firms cite cyber risk as a primary risk factor due to the increase in cybersecurity breach (CSB) incidents. Existing research focuses on the negative, short-term impacts from CSBs, but the longer-term impact is still unknown. Our...

.... Editor's note: Accepted by Tawei (David) Wang. March 2018 April 2019 2019 cybersecurity earnings management security breaches Equifax's recent data security breach (DSB) created the largest individual information loss in recorded U.S. history ( McCrank and Finkle 2018...

...Michele L. Frank; Jonathan H. Grenier; Jonathan S. Pyzoha ABSTRACT This paper provides evidence that the efficacy of voluntary cybersecurity risk management reporting and independent assurance, in terms of enhancing investment attractiveness, depends on whether a company has disclosed a prior...

... conclude by providing a few explanations of why there appears to be an effect at the economy-wide level, but no noticeable effect on individual company performance. Editor's note: Accepted by Tawei (David) Wang. April 2018 November 2018 2019 cybersecurity breaches financial...

... there is a breach to understand how the financial statements and ICFR may have been affected. ⁶ Thus, it is an empirical question whether auditors price breach risk into their fees. breach risk audit fees corporate governance cybersecurity High-profile security breaches (Equifax, Target...