This paper presents a continuous-time dynamic model of market adoption of cybersecurity. Individuals choose whether and when to make a precautionary investment in self-protection against the evolving security risk of direct attack and indirect contagion. The equilibrium adoption path has a...

This paper utilizes three large databases to better understand the characteristics of cyber loss events, especially how to deal with data biases and how cyber losses evolve over time. We first deal with the problem of report delay with an extended two-stage model in combination with detailed...

This paper employs computational linguistics to introduce a novel text-based measure of firm-level cyber risk exposure based on quarterly earnings conference calls of listed firms. Our quarterly measures are available for more than 13,000 firms from 85 countries over 2002-2021. We document that...

Exploiting the staggered adoption of data breach notification (DBN) laws, which obligate firms to disclose data breaches when they occur, as an exogenous shock to data breach disclosures, we find that the adoption of these laws leads to higher future stock price crash risk. The positive relation...

This study contributes to the emerging literature on the determinants and the consequences of cyberattacks by examining the impact of inside debt compensation on a firm’s likelihood of experiencing a cyberattack and on attacked firms’ cash holdings, R&D investments, and asset tangibility. We...

We show that classical insurance models based on some compound distributions can well predict information leakage by cyber incidents with reducing the computational cost thanks to the model’s simplicity. We use the negative binomial distribution, a renewal process and a Hawkes process as the...

This article aims at providing an alternative explanation to cybersecurity conundrum in trade. This article takes a systemic and holistic stance to observe cybersecurity by applying an institutionalist approach to analyze the cybersecurity provisions in free trade agreements (hereinafter...

This White Paper presents in detail how the multi-methodologies of Intelligence Engineering (IE) and then Strategic Options Analysis (SOA) can be combined, offering the development of a number of scenarios and solutions to address uncertainty and generate decision-advantage in cyber contexts....

Cybersecurity is a significant concern for businesses worldwide among management, stakeholders, and regulators. In this paper, we explore the spillover effect of customer firms’ data breaches on their upstream supplier firms’ cost management strategies, proxied by cost stickiness, a...

Artificial intelligence techniques have advanced rapidly in recent years, and their practical applications can be found in a wide range of fields, from facial recognition to image analysis. In order to target the user, malware writers are now attempting to write more progressive, sophisticated...