IDEAS home Printed from https://ideas.repec.org/a/eee/finana/v65y2019ics1057521919300274.html
   My bibliography  Save this article

What the hack: Systematic risk contagion from cyber events

Author

Listed:
  • Corbet, Shaen
  • Gurdgiev, Constantin

Abstract

This paper examines the impact of cybercrime and hacking events on equity market volatility across publicly traded corporations. The volatility influence of these cybercrime events is shown to be dependent on the number of clients exposed across all sectors and the type of the cyber security breach event, with significantly large volatility effects presented for companies who find themselves exposed to cybercrime in the form of hacking. Evidence is presented to suggest that corporations with large data breaches are punished substantially in the form of stock market volatility and significantly reduced abnormal stock returns. Companies with lower levels of market capitalisation are found to be most susceptible. In an environment where corporate data protection should be paramount, minor breaches appear to be relatively unpunished by the stock market. We also show that there is a growing importance in the contagion channel from cybersecurity breaches to markets volatility. Systematic weakness in the existent mechanisms for cybersecurity oversight and enforcement could be improved through the ring-fenced incentivisation of both current and ex-hackers. Their expertise is central to the identification of weak corporate cybersecurity practices.

Suggested Citation

  • Corbet, Shaen & Gurdgiev, Constantin, 2019. "What the hack: Systematic risk contagion from cyber events," International Review of Financial Analysis, Elsevier, vol. 65(C).
    • Handle: RePEc:eee:finana:v:65:y:2019:i:c:s1057521919300274
    DOI: 10.1016/j.irfa.2019.101386
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1057521919300274
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.irfa.2019.101386?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Anat Hovav & John D'Arcy, 2003. "The Impact of Denial‐of‐Service Attack Announcements on the Market Value of Firms," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 6(2), pages 97-121, September.
    2. Nelson, Daniel B, 1991. "Conditional Heteroskedasticity in Asset Returns: A New Approach," Econometrica, Econometric Society, vol. 59(2), pages 347-370, March.
    3. Robert Engle, 2004. "Risk and Volatility: Econometric Models and Financial Practice," American Economic Review, American Economic Association, vol. 94(3), pages 405-420, June.
    4. Kraemer-Mbula, Erika & Tang, Puay & Rush, Howard, 2013. "The cybercrime ecosystem: Online innovation in the shadows?," Technological Forecasting and Social Change, Elsevier, vol. 80(3), pages 541-555.
    5. Baillie, Richard T & Bollerslev, Tim, 2002. "The Message in Daily Exchange Rates: A Conditional-Variance Tale," Journal of Business & Economic Statistics, American Statistical Association, vol. 20(1), pages 60-68, January.
    6. Acemoglu, Daron & Malekian, Azarakhsh & Ozdaglar, Asu, 2016. "Network security and contagion," Journal of Economic Theory, Elsevier, vol. 166(C), pages 536-585.
    7. Bastiaan Overvest & Bas Straathof, 2015. "What drives cybercrime? Empirical evidence from DDoS attacks," CPB Discussion Paper 306.rdf, CPB Netherlands Bureau for Economic Policy Analysis.
    8. Bastiaan Overvest & Bas Straathof, 2015. "What drives cybercrime? Empirical evidence from DDoS attacks," CPB Discussion Paper 306, CPB Netherlands Bureau for Economic Policy Analysis.
    9. Camerer, Colin & Loewenstein, George & Weber, Martin, 1989. "The Curse of Knowledge in Economic Settings: An Experimental Analysis," Journal of Political Economy, University of Chicago Press, vol. 97(5), pages 1232-1254, October.
    10. Geoffrey Heal & Howard Kunreuther, 2004. "Interdependent Security: A General Model," NBER Working Papers 10706, National Bureau of Economic Research, Inc.
    11. Geoffrey Heal & Howard Kunreuther, 2007. "Modeling Interdependent Risks," Risk Analysis, John Wiley & Sons, vol. 27(3), pages 621-634, June.
    12. Ciner, Cetin & Gurdgiev, Constantin & Lucey, Brian M., 2013. "Hedges and safe havens: An examination of stocks, bonds, gold, oil and exchange rates," International Review of Financial Analysis, Elsevier, vol. 29(C), pages 202-211.
    13. Dungey, Mardi & Gajurel, Dinesh, 2015. "Contagion and banking crisis – International evidence for 2007–2009," Journal of Banking & Finance, Elsevier, vol. 60(C), pages 271-283.
    14. Kevin M. Gatzlaff & Kathleen A. McCullough, 2010. "The Effect of Data Breaches on Shareholder Wealth," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 13(1), pages 61-83, March.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Gunay, Samet & Goodell, John W. & Muhammed, Shahnawaz & Kirimhan, Destan, 2023. "Frequency connectedness between FinTech, NFT and DeFi: Considering linkages to investor sentiment," International Review of Financial Analysis, Elsevier, vol. 90(C).
    2. Mazaher Kianpour & Stewart J. Kowalski & Harald Øverby, 2021. "Systematically Understanding Cybersecurity Economics: A Survey," Sustainability, MDPI, vol. 13(24), pages 1-28, December.
    3. Goodell, John W. & Corbet, Shaen, 2023. "Commodity market exposure to energy-firm distress: Evidence from the Colonial Pipeline ransomware attack," Finance Research Letters, Elsevier, vol. 51(C).
    4. Akyildirim, Erdinc & Corbet, Shaen & O'Connell, John F. & Sensoy, Ahmet, 2021. "The influence of aviation disasters on engine manufacturers: An analysis of financial and reputational contagion risks," International Review of Financial Analysis, Elsevier, vol. 74(C).
    5. Corbet, Shaen & Goodell, John W., 2022. "The reputational contagion effects of ransomware attacks," Finance Research Letters, Elsevier, vol. 47(PB).
    6. Nadine Gatzert & Madeline Schubert, 2022. "Cyber risk management in the US banking and insurance industry: A textual and empirical analysis of determinants and value," Journal of Risk & Insurance, The American Risk and Insurance Association, vol. 89(3), pages 725-763, September.
    7. Tosun, Onur Kemal, 2021. "Cyber-attacks and stock market activity," International Review of Financial Analysis, Elsevier, vol. 76(C).
    8. Daniel Castillo & Joseph Falzon, 2018. "An Analysis of the Impact of WannaCry Cyberattack on Cybersecurity Stock Returns," Review of Economics & Finance, Better Advances Press, Canada, vol. 13, pages 93-100, August.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Torben G. Andersen & Tim Bollerslev & Per Frederiksen & Morten Ørregaard Nielsen, 2010. "Continuous-time models, realized volatilities, and testable distributional implications for daily stock returns," Journal of Applied Econometrics, John Wiley & Sons, Ltd., vol. 25(2), pages 233-261.
    2. Ataurima Arellano, Miguel & Rodríguez, Gabriel, 2020. "Empirical modeling of high-income and emerging stock and Forex market return volatility using Markov-switching GARCH models," The North American Journal of Economics and Finance, Elsevier, vol. 52(C).
    3. Dongweí Su, 2003. "Risk, Return and Regulation in Chinese Stock Markets," World Scientific Book Chapters, in: Chinese Stock Markets A Research Handbook, chapter 3, pages 75-122, World Scientific Publishing Co. Pte. Ltd..
    4. Baur, Dirk G. & Smales, Lee A., 2020. "Hedging geopolitical risk with precious metals," Journal of Banking & Finance, Elsevier, vol. 117(C).
    5. Wei Liu & Bruce Morley, 2009. "Volatility Forecasting in the Hang Seng Index using the GARCH Approach," Asia-Pacific Financial Markets, Springer;Japanese Association of Financial Economics and Engineering, vol. 16(1), pages 51-63, March.
    6. Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
    7. Oliver Linton & Douglas Steigerwald, 2000. "Adaptive testing in arch models," Econometric Reviews, Taylor & Francis Journals, vol. 19(2), pages 145-174.
    8. Kanungo, Rama Prasad, 2021. "Uncertainty of M&As under asymmetric estimation," Journal of Business Research, Elsevier, vol. 122(C), pages 774-793.
    9. Teräsvirta, Timo, 2006. "An introduction to univariate GARCH models," SSE/EFI Working Paper Series in Economics and Finance 646, Stockholm School of Economics.
    10. Shinichi Kamiya & Jun-Koo Kang & Jungmin Kim & Andreas Milidonis & René M. Stulz, 2018. "What is the Impact of Successful Cyberattacks on Target Firms?," NBER Working Papers 24409, National Bureau of Economic Research, Inc.
    11. G Sandmann & Siem Jan Koopman, 1996. "Maximum Likelihood Estimation of Stochastic Volatility Models," FMG Discussion Papers dp248, Financial Markets Group.
    12. Arturo Lorenzo Valdés & Antonio Ruiz Porras, 2014. "Un modelo Tgarch con una distribución t de student asimétrica y las hipótesis de racionalidad de los inversionistas bursátiles en Latinoamérica," Archivos Revista Economía y Política., Facultad de Ciencias Económicas y Administrativas, Universidad de Cuenca., vol. 19, pages 66-97, Enero.
    13. Tim Bollerslev, 2008. "Glossary to ARCH (GARCH)," CREATES Research Papers 2008-49, Department of Economics and Business Economics, Aarhus University.
    14. Yang (Greg) Hou & Mark Holmes, 2020. "Do higher order moments of return distribution provide better decisions in minimum-variance hedging? Evidence from US stock index futures," Australian Journal of Management, Australian School of Business, vol. 45(2), pages 240-265, May.
    15. Kai-Li Wang & Christopher Fawson & Christopher B. Barrett & James B. McDonald, 2001. "A flexible parametric GARCH model with an application to exchange rates," Journal of Applied Econometrics, John Wiley & Sons, Ltd., vol. 16(4), pages 521-536.
    16. Dahiru A. Balaa & Taro Takimotob, 2017. "Stock markets volatility spillovers during financial crises: A DCC-MGARCH with skewed-t density approach," Borsa Istanbul Review, Research and Business Development Department, Borsa Istanbul, vol. 17(1), pages 25-48, March.
    17. G.R. Pasha & Tahira Qasim & Muhammad Aslam, 2007. "Estimating and Forecasting Volatility of Financial Time Series in Pakistan with GARCH-type Models," Lahore Journal of Economics, Department of Economics, The Lahore School of Economics, vol. 12(2), pages 115-149, Jul-Dec.
    18. Feng, Yuanhua & Härdle, Wolfgang Karl, 2020. "A data-driven P-spline smoother and the P-Spline-GARCH models," IRTG 1792 Discussion Papers 2020-016, Humboldt University of Berlin, International Research Training Group 1792 "High Dimensional Nonstationary Time Series".
    19. Schindler, Felix, 2009. "Volatilitätseffekte am US-amerikanischen Häusermarkt," ZEW Discussion Papers 09-048, ZEW - Leibniz Centre for European Economic Research.
    20. Hou, Yang & Li, Steven, 2017. "Time-Varying Price Discovery and Autoregressive Loading Factors: Evidence from S&P 500 Cash and E-Mini Futures Markets," MPRA Paper 81999, University Library of Munich, Germany.

    More about this item

    Keywords

    EGARCH; Financial markets; Cybercrime; Regulation;
    All these keywords.

    JEL classification:

    • G15 - Financial Economics - - General Financial Markets - - - International Financial Markets
    • G32 - Financial Economics - - Corporate Finance and Governance - - - Financing Policy; Financial Risk and Risk Management; Capital and Ownership Structure; Value of Firms; Goodwill
    • G38 - Financial Economics - - Corporate Finance and Governance - - - Government Policy and Regulation

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:finana:v:65:y:2019:i:c:s1057521919300274. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: http://www.elsevier.com/locate/inca/620166 .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.