IDEAS home Printed from https://ideas.repec.org/a/eee/ijoais/v54y2024ics1467089524000290.html
   My bibliography  Save this article

The impact of cybersecurity risk management strategy disclosure on investors’ judgments and decisions

Author

Listed:
  • (Annabella) Huang, Jiehui
  • Murthy, Uday

Abstract

In March 2022, the Securities and Exchange Commission (SEC) proposed the mandatory reporting of cybersecurity risk management policies for public companies. This study aims to explore the potential impact of cybersecurity risk management strategy disclosure on nonprofessional investors. Using a 4 x 1 between-participants experimental design, we examine whether nonprofessional investors’ perceptions and decisions differ between disclosed cybersecurity risk management strategies of self-assessment, self-assessment referencing the National Institute of Standards and Technology (NIST) framework, third-party assurance, and insurance. We find that nonprofessional investors’ willingness to invest is significantly higher for the insurance strategy compared to the third-party cybersecurity examination and self-assessment (without reference to NIST) strategies. Moderated mediation analysis reveals that investors’ perceptions of financial risk moderates the mediating effect of perceived cybersecurity risk management strategy effectiveness on the relation between cybersecurity risk management strategy and likelihood of investment. Our study contributes to regulators, practitioners, and stakeholders concerned about the potential impact of cybersecurity risk management strategy disclosures on nonprofessional investors.

Suggested Citation

  • (Annabella) Huang, Jiehui & Murthy, Uday, 2024. "The impact of cybersecurity risk management strategy disclosure on investors’ judgments and decisions," International Journal of Accounting Information Systems, Elsevier, vol. 54(C).
  • Handle: RePEc:eee:ijoais:v:54:y:2024:i:c:s1467089524000290
    DOI: 10.1016/j.accinf.2024.100696
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S1467089524000290
    Download Restriction: Full text for ScienceDirect subscribers only

    File URL: https://libkey.io/10.1016/j.accinf.2024.100696?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Ling Yang & Linda Lau & Huiqi Gan, 2020. "Investors’ perceptions of the cybersecurity risk management reporting framework," International Journal of Accounting & Information Management, Emerald Group Publishing Limited, vol. 28(1), pages 167-183, January.
    2. Steven M. Glover & Douglas F. Prawitt & David A. Wood, 2008. "Internal Audit Sourcing Arrangement and the External Auditor's Reliance Decision," Contemporary Accounting Research, John Wiley & Sons, vol. 25(1), pages 193-213, March.
    3. Elliott, W.B. & Hodge, F. & Kennedy, J.J. & Pronk, M., 2007. "Are MBA students a good proxy for nonprofessional investors?," Other publications TiSEM 20271f1d-d385-4122-a175-f, Tilburg University, School of Economics and Management.
    4. Demek, Kristina C. & Kaplan, Steven E., 2023. "Cybersecurity breaches and investors’ interest in the firm as an investment," International Journal of Accounting Information Systems, Elsevier, vol. 49(C).
    5. DeAngelo, Linda Elizabeth, 1981. "Auditor size and audit quality," Journal of Accounting and Economics, Elsevier, vol. 3(3), pages 183-199, December.
    6. Tosun, Onur Kemal, 2021. "Cyber-attacks and stock market activity," International Review of Financial Analysis, Elsevier, vol. 76(C).
    7. Farkas, Maia & Murthy, Uday S., 2014. "Nonprofessional investors' perceptions of the incremental value of continuous auditing and continuous controls monitoring: An experimental investigation," International Journal of Accounting Information Systems, Elsevier, vol. 15(2), pages 102-121.
    8. Kristy Hodge & Nava Subramaniam & Jenny Stewart, 2009. "Assurance of Sustainability Reports: Impact on Report Users' Confidence and Perceptions of Information Credibility," Australian Accounting Review, CPA Australia, vol. 19(3), pages 178-194, September.
    9. Lisa Koonce & Marlys Gascho Lipe, 2010. "Earnings Trend and Performance Relative to Benchmarks: How Consistency Influences Their Joint Use," Journal of Accounting Research, Wiley Blackwell, vol. 48(4), pages 859-884, September.
    10. Peng, Jin & Zhang, Haofei & Mao, Juan & Xu, Shouhuai, 2023. "Repeated data breaches and firm value," Economics Letters, Elsevier, vol. 224(C).
    11. Jan Martin Lemnitzer, 2021. "Why cybersecurity insurance should be regulated and compulsory," Journal of Cyber Policy, Taylor & Francis Journals, vol. 6(2), pages 118-136, May.
    12. Asay, H. Scott & Libby, Robert & Rennekamp, Kristina M., 2018. "Do features that associate managers with a message magnify investors’ reactions to narrative disclosures?," Accounting, Organizations and Society, Elsevier, vol. 68, pages 1-14.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Cade, Nicole L., 2018. "Corporate social media: How two-way disclosure channels influence investors," Accounting, Organizations and Society, Elsevier, vol. 68, pages 63-79.
    2. Patrick Velte & Martin Stawinoga, 2017. "Empirical research on corporate social responsibility assurance (CSRA): A literature review," Journal of Business Economics, Springer, vol. 87(8), pages 1017-1066, November.
    3. Tobias Steindl, 2021. "Cultural rule orientation, legal institutions, and the credibility of corporate social responsibility reports," Corporate Social Responsibility and Environmental Management, John Wiley & Sons, vol. 28(1), pages 310-332, January.
    4. Libby, Robert & Rennekamp, Kristina M. & Seybert, Nicholas, 2015. "Regulation and the interdependent roles of managers, auditors, and directors in earnings management and accounting choice," Accounting, Organizations and Society, Elsevier, vol. 47(C), pages 25-42.
    5. Jennifer Martínez‐Ferrero & Isabel‐María García‐Sánchez & Emiliano Ruiz‐Barbadillo, 2018. "The quality of sustainability assurance reports: The expertise and experience of assurance providers as determinants," Business Strategy and the Environment, Wiley Blackwell, vol. 27(8), pages 1181-1196, December.
    6. Björn Röber, 2020. "Escalating internationalization decisions: intendedly rational, but only limitedly so?," Business Research, Springer;German Academic Association for Business Research, vol. 13(2), pages 455-484, July.
    7. El Ghoul, Sadok & Guedhami, Omrane & Pittman, Jeffrey, 2016. "Cross-country evidence on the importance of Big Four auditors to equity pricing: The mediating role of legal institutions," Accounting, Organizations and Society, Elsevier, vol. 54(C), pages 60-81.
    8. Chen, Wei & Han, Jun & Tan, Hun-Tong, 2016. "Investor reactions to management earnings guidance attributions: The effects of news valence, attribution locus, and outcome controllability," Accounting, Organizations and Society, Elsevier, vol. 55(C), pages 83-95.
    9. Tobias Gerwing & Peter Kajüter & Maximilian Wirth, 2022. "The role of sustainable corporate governance in mandatory sustainability reporting quality," Journal of Business Economics, Springer, vol. 92(3), pages 517-555, April.
    10. Saeed Rabea Baatwah & Adel Ali Al-Qadasi, 2020. "Determinants of outsourced internal audit function: a further analysis," Eurasian Business Review, Springer;Eurasia Business and Economics Society, vol. 10(4), pages 629-659, December.
    11. Belen Fernandez‐Feijoo & Silvia Romero & Silvia Ruiz, 2018. "Financial Auditor and Sustainability Reporting: Does it matter?," Corporate Social Responsibility and Environmental Management, John Wiley & Sons, vol. 25(3), pages 209-224, May.
    12. Natalia Vaz Ogando & Silvia Ruiz Blanco & Belen Fernandez-Feijoo, 2018. "A Provider’s Approach to the Assurance Market of Sustainability Reports in Spain," Administrative Sciences, MDPI, vol. 8(3), pages 1-27, June.
    13. Lopin Kuo & Po-Wen Kuo & Chun-Chih Chen, 2021. "Mandatory CSR Disclosure, CSR Assurance, and the Cost of Debt Capital: Evidence from Taiwan," Sustainability, MDPI, vol. 13(4), pages 1-19, February.
    14. Carolin Baier & Max Göttsche & Andreas Hellmann & Frank Schiemann, 2022. "Too Good To Be True: Influencing Credibility Perceptions with Signaling Reference Explicitness and Assurance Depth," Journal of Business Ethics, Springer, vol. 178(3), pages 695-714, July.
    15. Chen, Zhenhua & Loftus, Serena, 2019. "Multi-method evidence on investors’ reactions to managers’ self-inclusive language," Accounting, Organizations and Society, Elsevier, vol. 79(C).
    16. Elkins, Hamilton & Entwistle, Gary & Schmidt, Regan N., 2021. "The influence of opportunistic capital structure disclosure in international financial reporting on nonprofessional investors," Journal of International Accounting, Auditing and Taxation, Elsevier, vol. 42(C).
    17. Nicole L. Cade & Lisa Koonce & Kim I. Mendoza, 2020. "Using video to disclose forward-looking information: the effect of nonverbal cues on investors’ judgments," Review of Accounting Studies, Springer, vol. 25(4), pages 1444-1474, December.
    18. Ebrahim, Ahmed & Fattah, Tarek Abdel, 2015. "Corporate governance and initial compliance with IFRS in emerging markets: The case of income tax accounting in Egypt," Journal of International Accounting, Auditing and Taxation, Elsevier, vol. 24(C), pages 46-60.
    19. Sang Cheol Lee & Mooweon Rhee & Jongchul Yoon, 2018. "Foreign Monitoring and Audit Quality: Evidence from Korea," Sustainability, MDPI, vol. 10(9), pages 1-22, September.
    20. Gerry Gallery & Emerson Cooper & John Sweeting, 2008. "Corporate Disclosure Quality: Lessons from Australian Companies on the Impact of Adopting International Financial Reporting Standards," Australian Accounting Review, CPA Australia, vol. 18(3), pages 257-273, September.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:ijoais:v:54:y:2024:i:c:s1467089524000290. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/international-journal-of-accounting-information-systems/ .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.