While the importance of addressing cybersecurity risks and cyber incidents is widely acknowledged, there is no explicit requirement by regulators or audit standard setters for auditors to do so. This paper investigates 1) whether external auditors respond to cyber incidents by charging higher...