IDEAS home Printed from https://ideas.repec.org/a/eee/ijoais/v30y2018icp40-55.html
   My bibliography  Save this article

SEC's cybersecurity disclosure guidance and disclosed cybersecurity risk factors

Author

Listed:
  • Li, He
  • No, Won Gyun
  • Wang, Tawei

Abstract

Cybersecurity risk disclosure has received great attention in the past several years, especially after the passage of the Securities and Exchange Commission's (SEC's) cybersecurity disclosure guidance published on October 13, 2011. In this study, we examine the usefulness of cybersecurity-related risk factors disclosed in 10-K filings. We document that the presence of these risk factors in the pre-guidance period and length of these risk factors are related to future reported cybersecurity incidents. The association between the presence of cybersecurity risk disclosure and subsequently reported cybersecurity incidents becomes insignificant after the passage of the SEC's cybersecurity disclosure guidance. Our findings, in general, support the SEC's decision on emphasizing cybersecurity risk disclosure. However, SEC's disclosure guidance may unintentionally encourage firms to disclose cybersecurity risks regardless of the level of risks.

Suggested Citation

  • Li, He & No, Won Gyun & Wang, Tawei, 2018. "SEC's cybersecurity disclosure guidance and disclosed cybersecurity risk factors," International Journal of Accounting Information Systems, Elsevier, vol. 30(C), pages 40-55.
    • Handle: RePEc:eee:ijoais:v:30:y:2018:i:c:p:40-55
    DOI: 10.1016/j.accinf.2018.06.003
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1467089518300812
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.accinf.2018.06.003?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Skinner, Dj, 1994. "Why Firms Voluntarily Disclose Bad-News," Journal of Accounting Research, Wiley Blackwell, vol. 32(1), pages 38-60.
    2. Benaroch, Michel & Chernobai, Anna & Goldstein, James, 2012. "An internal control perspective on the market value consequences of IT operational risk events," International Journal of Accounting Information Systems, Elsevier, vol. 13(4), pages 357-381.
    3. Beyer, Anne & Cohen, Daniel A. & Lys, Thomas Z. & Walther, Beverly R., 2010. "The financial reporting environment: Review of the recent literature," Journal of Accounting and Economics, Elsevier, vol. 50(2-3), pages 296-343, December.
    4. Tawei Wang & Karthik N. Kannan & Jackie Rees Ulmer, 2013. "The Association Between the Disclosure and the Realization of Information Security Risk Factors," Information Systems Research, INFORMS, vol. 24(2), pages 201-218, June.
    5. Verrecchia, Robert E., 2001. "Essays on disclosure," Journal of Accounting and Economics, Elsevier, vol. 32(1-3), pages 97-180, December.
    6. Doyle, Jeffrey & Ge, Weili & McVay, Sarah, 2007. "Determinants of weaknesses in internal control over financial reporting," Journal of Accounting and Economics, Elsevier, vol. 44(1-2), pages 193-223, September.
    7. Yang Bao & Anindya Datta, 2014. "Simultaneously Discovering and Quantifying Risk Types from Textual Risk Disclosures," Management Science, INFORMS, vol. 60(6), pages 1371-1391, June.
    8. Ke, Bin & Huddart, Steven & Petroni, Kathy, 2003. "What insiders know about future earnings and how they use it: Evidence from insider trades," Journal of Accounting and Economics, Elsevier, vol. 35(3), pages 315-346, August.
    9. Ole-Kristian Hope & Danqi Hu & Hai Lu, 2016. "The benefits of specific risk-factor disclosures," Review of Accounting Studies, Springer, vol. 21(4), pages 1005-1045, December.
    10. S. P. Kothari & Susan Shu & Peter D. Wysocki, 2009. "Do Managers Withhold Bad News?," Journal of Accounting Research, Wiley Blackwell, vol. 47(1), pages 241-276, March.
    11. Stephen V. Brown & Jennifer Wu Tucker, 2011. "Large‐Sample Evidence on Firms’ Year‐over‐Year MD&A Modifications," Journal of Accounting Research, Wiley Blackwell, vol. 49(2), pages 309-346, May.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Sylvie Héroux & Anne Fortin, 2024. "Board of directors’ attributes and aspects of cybersecurity disclosure," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 28(2), pages 359-404, June.
    2. Maryam Firoozi & Sana Mohsni, 2023. "Cybersecurity disclosure in the banking industry: a comparative study," International Journal of Disclosure and Governance, Palgrave Macmillan, vol. 20(4), pages 451-477, December.
    3. Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    4. Masoud, Najeb & Al-Utaibi, Ghassan, 2022. "The determinants of cybersecurity risk disclosure in firms’ financial reporting: Empirical evidence," Research in Economics, Elsevier, vol. 76(2), pages 131-140.
    5. Rajaa Ali Abed & Ahlam Hameed Kareem & Ali Khazaal Jabbar & Jasim Gshayyish zwaid & Hussein Falah Hasan, 2023. "The implementation of accounting information systems on the stock return and financial performance based on information technology (IT)," Eastern-European Journal of Enterprise Technologies, PC TECHNOLOGY CENTER, vol. 5(13 (125)), pages 57-64, October.

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Elsayed, Mohamed & Elshandidy, Tamer, 2021. "Internal control effectiveness, textual risk disclosure, and their usefulness: U.S. evidence," Advances in accounting, Elsevier, vol. 53(C).
    2. Tuo, Ling & Rezaee, Zabihollah & Gao, Lei, 2024. "Is there a tradeoff between management earnings forecasts and sustainability reporting?," Global Finance Journal, Elsevier, vol. 59(C).
    3. Hurwitz, Helen, 2017. "The understatement of large negative earnings news in managers’ annual guidance," Journal of Contemporary Accounting and Economics, Elsevier, vol. 13(2), pages 119-133.
    4. John L. Campbell & Hye Seung “Grace” Lee & Hsin‐Min Lu & Logan B. Steele, 2020. "Express Yourself: Why Managers' Disclosure Tone Varies Across Time and What Investors Learn From It," Contemporary Accounting Research, John Wiley & Sons, vol. 37(2), pages 1140-1171, June.
    5. Hans B. Christensen & Luzi Hail & Christian Leuz, 2021. "Mandatory CSR and sustainability reporting: economic analysis and literature review," Review of Accounting Studies, Springer, vol. 26(3), pages 1176-1248, September.
    6. Beattie, Vivien, 2014. "Accounting narratives and the narrative turn in accounting research: Issues, theory, methodology, methods and a research framework," The British Accounting Review, Elsevier, vol. 46(2), pages 111-134.
    7. Moumen, Néjia & Ben Othman, Hakim & Hussainey, Khaled, 2015. "The value relevance of risk disclosure in annual reports: Evidence from MENA emerging markets," Research in International Business and Finance, Elsevier, vol. 34(C), pages 177-204.
    8. Jaeschke, Reemda & Lopatta, Kerstin & Yi, Cheong, 2018. "Managers’ use of language in corrupt firms’ financial disclosures: Evidence from FCPA violators," Scandinavian Journal of Management, Elsevier, vol. 34(2), pages 170-192.
    9. Ling Tuo & Ji Yu & Yu Zhang, 2020. "How do industry peers influence individual firms’ voluntary disclosure strategies?," Review of Quantitative Finance and Accounting, Springer, vol. 54(3), pages 911-956, April.
    10. Elizabeth Blankespoor & Bradley E. Hendricks & Joseph Piotroski & Christina Synn, 2022. "Real-time revenue and firm disclosure," Review of Accounting Studies, Springer, vol. 27(3), pages 1079-1116, September.
    11. Mirko S. Heinle & Kevin C. Smith, 2017. "A theory of risk disclosure," Review of Accounting Studies, Springer, vol. 22(4), pages 1459-1491, December.
    12. Lamia Chourou & Luo He & Ligang Zhong, 2020. "Does religiosity enhance the quality of management earnings forecasts?," Journal of Business Finance & Accounting, Wiley Blackwell, vol. 47(7-8), pages 910-948, July.
    13. Christian Leuz & Peter D. Wysocki, 2016. "The Economics of Disclosure and Financial Reporting Regulation: Evidence and Suggestions for Future Research," Journal of Accounting Research, Wiley Blackwell, vol. 54(2), pages 525-622, May.
    14. Anna Agapova & Jagadison K. Aier & Zhanel DeVides, 2022. "Earnings patterns and managerial guidance," Review of Quantitative Finance and Accounting, Springer, vol. 59(3), pages 1173-1213, October.
    15. Imhof, Michael J & Seavey, Scott E., 2018. "How investors value cash and cash flows when managers commit to providing earnings forecasts," Advances in accounting, Elsevier, vol. 41(C), pages 74-87.
    16. Sung, Hao-Chang & Ho, Shirley J., 2023. "Disclosure strategies for management earnings forecasts: The role of managerial compensation structures, overoptimism, and effort," Journal of Contemporary Accounting and Economics, Elsevier, vol. 19(1).
    17. Kross, William J. & Ro, Byung T. & Suk, Inho, 2011. "Consistency in meeting or beating earnings expectations and management earnings forecasts," Journal of Accounting and Economics, Elsevier, vol. 51(1-2), pages 37-57, February.
    18. Semih Tartaroglu & Michael Imhof, 2017. "Insider trading and response to earnings announcements: the impact of accelerated disclosure requirements," Review of Quantitative Finance and Accounting, Springer, vol. 49(2), pages 315-336, August.
    19. Ali, Ashiq & Klasa, Sandy & Yeung, Eric, 2014. "Industry concentration and corporate disclosure policy," Journal of Accounting and Economics, Elsevier, vol. 58(2), pages 240-264.
    20. Pastwa, Anna M. & Shrestha, Prabal & Thewissen, James & Torsin, Wouter, 2021. "Unpacking the black box of ICO white papers: a topic modeling approach," LIDAM Discussion Papers LFIN 2021018, Université catholique de Louvain, Louvain Finance (LFIN).

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijoais:v:30:y:2018:i:c:p:40-55. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-accounting-information-systems/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.