Cybersecurity awareness and market valuations

Aboody, 1998, The value relevance of intangibles: The case of software capitalization, J. Account. Res., 36, 161, 10.2307/2491312 Acquisti, A., Friedman, A., Telang, R., 2006. Is there a cost to privacy breaches? An event study. In: Proceedings of the Twenty Seventh International Conference on Information Systems, Wilwaukee, WI. AISA, 2017 Amir, 2018, Do firms underreport information on cyber-attacks? Evidence from capital markets, Rev. Account. Stud., 10.1007/s11142-018-9452-4 Athavaley, 2017 Barth, 1998, Brand values and capital market valuation, Rev. Account. Stud., 3, 41, 10.1023/A:1009620132177 Barth, 2009, Scale effects in capital markets-based accounting research, J. Bus. Finan. Account., 36, 253, 10.1111/j.1468-5957.2009.02133.x Berkman, H., Jona, J., Lee, G., Soderstrom, N.S., 2018a. Cybersecurity awareness and the cost of liquidity, working paper. Berkman, H., Jona, J., Soderstrom, N.S., 2018b. Do market valuations incorporate climate risk?, working paper. Bharadwaj, 1999, Information technology effects on firm performance as measured by tobin's q, Manage. Sci., 45, 1008, 10.1287/mnsc.45.7.1008 Bose, 2013, The impact of adoption of identity theft countermeasures on firm value, Decis. Support Syst., 55, 753, 10.1016/j.dss.2013.03.001 Campbell, 2014, The information content of mandatory risk factor disclosures in corporate filings, Rev. Account. Stud., 19, 396, 10.1007/s11142-013-9258-3 Campbell, 2003, The economic cost of publicly announced information security breaches: empirical evidence from the stock market, J. Comput. Secur., 11, 431, 10.3233/JCS-2003-11308 Cavusoglu, 2004, The effect of internet security breach announcements on market value: capital market reactions for breached firms and internet security developers, Int. J. Electronic Comm., 9, 70, 10.1080/10864415.2004.11044320 Chabrow Chai, 2011, Firms' information security investment decisions: stock market evidence of investors' behavior, Decis. Support Syst., 50, 651, 10.1016/j.dss.2010.08.017 Chatterjee, 2001, Examining the shareholder wealth effects of announcements of newly created CIO positions, MIS Quart., 43, 10.2307/3250958 Chen, 2012, Did it consulting firms gain when their clients were breached?, Comput. Human Behav., 28, 456, 10.1016/j.chb.2011.10.017 Choi, 2000, Market valuation of intangible assets, Journal of Business Research, 49, 35, 10.1016/S0148-2963(98)00121-0 Cisco, 2017. 2017 annual cybersecurity report. Clarkson, 2004, The market valuation of environmental capital expenditures by pulp and paper companies, Account. Rev., 79, 329, 10.2308/accr.2004.79.2.329 Cowley Deloitte Deloitte Deng, 1999, Science and technology as predictors of stock performance, Financ. Anal. J., 55, 20, 10.2469/faj.v55.n3.2269 Durbin Dye, 1985, Disclosure of nonproprietary information, J. Account. Res., 23, 123, 10.2307/2490910 Dye, 2010, Disclosure “bunching”, J. Account. Res., 48, 489, 10.1111/j.1475-679X.2010.00375.x Ettredge, 2003, Information transfer among internet firms: the case of hacker attacks, J. Inform. Syst., 17, 71, 10.2308/jis.2003.17.2.71 Ferraro, 2014, Groundbreaking or broken; an analysis of SEC cybersecurity disclosure guidance, its effectiveness, and implications, Albany Law Rev., 77, 297 Fischer, 2014 Francis, 1994, Shareholder litigation and corporate disclosures, J. Account. Res., 32, 137, 10.2307/2491279 Garg, 2003, The financial impact of it security breaches: what do investors think?, Inform. Syst. Secur., 12, 22, 10.1201/1086/43325.12.1.20030301/41478.5 Gatzlaff, 2010, The effect of data breaches on shareholder wealth, Risk Manage. Insur. Rev., 13, 61, 10.1111/j.1540-6296.2010.01178.x Goel, 2009, Estimating the market impact of security breach announcements on firm values, Inform. Manage., 46, 404, 10.1016/j.im.2009.06.005 Gordon, 2002, The economics of information security investment, ACM Trans. Inform. Syst. Secur. (TISSEC), 5, 438, 10.1145/581271.581274 Gordon, 2003, Sharing information on computer systems security: an economic analysis, J. Account. Public Policy, 22, 461, 10.1016/j.jaccpubpol.2003.09.001 Gordon, 2006, The impact of the Sarbanes-Oxley Act on the corporate disclosures of information security activities, J. Account. Public Policy, 25, 503, 10.1016/j.jaccpubpol.2006.07.005 Gordon, 2015, The impact of information sharing on cybersecurity underinvestment: a real options perspective, J. Account. Public Policy, 34, 509, 10.1016/j.jaccpubpol.2015.05.001 Gordon, 2015, Increasing cybersecurity investments in private sector firms, J. Cybersecur., 1, 3 Gordon, 2010, Market value of voluntary disclosures concerning information security, MIS Quart., 34, 567, 10.2307/25750692 Gordon, 2011, The impact of information security breaches: has there been a downward shift in costs?, J. Comput. Secur., 19, 33, 10.3233/JCS-2009-0398 Guillamon-Saorin, 2017, Impression management and non-GAAP disclosure in earnings announcements, J. Bus. Finan. Account., 44, 448, 10.1111/jbfa.12238 Higgs, 2016, The relationship between board-level technology committees and reported security breaches, J. Inform. Syst., 30, 79, 10.2308/isys-51402 Hilary, G., Segal, B., Zhang, M.H., 2016. Cyber-risk disclosure: who cares? Hinz, 2015, The influence of data theft on the share prices and systematic risk of consumer electronics companies, Inform. Manage., 52, 337, 10.1016/j.im.2014.12.006 Hirschey, 2004, Are scientific indicators of patent quality useful to investors?, J. Empirical Finance, 11, 91, 10.1016/j.jempfin.2003.01.001 Hiscox Hovav, 2005, Capital market reaction to defective it products: the case of computer viruses, Comput. Secur., 24, 409, 10.1016/j.cose.2005.02.003 Huang, 2013, Tone management, Account. Rev., 89, 1083, 10.2308/accr-50684 Im, 2001, A reexamination of it investment and the market value of the firm—an event study methodology, Inform. Syst. Res., 12, 103, 10.1287/isre.12.1.103.9718 Islam, 2018, Factors associated with security/cybersecurity audit by internal audit function: An international study, Manage. Audit. J., 10.1108/MAJ-07-2017-1595 Javers Jorgensen, 2003, Discretionary risk disclosures, Account. Rev., 78, 449, 10.2308/accr.2003.78.2.449 Kashmiri, 2017, Birds of a feather: Intra-industry spillover of the target customer data breach and the shielding role of it, marketing, and CSR, J. Acad. Market. Sci., 45, 208, 10.1007/s11747-016-0486-5 Lev, 1993, Fundamental information analysis, J. Account. Res., 31, 190, 10.2307/2491270 Li, H., No, W.G., Boritz, J.E., 2016. Are external auditors concerned about cyber incidents? Evidence from audit fees. Available at: <https://papers.ssrn.com/sol3/papers.cfm?abstract_id=2880928>. Li, 2018, SEC's cybersecurity disclosure guidance and disclosed cybersecurity risk factors, Int. J. Account. Inform. Syst., 10.1016/j.accinf.2018.06.003 Loughran, 2011, When is a liability not a liability? Textual analysis, dictionaries, and 10-ks, J. Finance, 66, 35, 10.1111/j.1540-6261.2010.01625.x Malhotra, 2011, Evaluating customer information breaches as service failures: an event study approach, J. Service Res., 14, 44, 10.1177/1094670510383409 Martin, 2017, Data privacy: effects on customer and firm performance, J. Market., 81, 36, 10.1509/jm.15.0497 Matsumura, 2014, Firm-value effects of carbon emissions and carbon disclosures, Account. Rev., 89, 695, 10.2308/accr-50629 Menn Modi, 2015, Shareholder value implications of service failures in triads: the case of customer information security breaches, J. Operat. Manage., 35, 21, 10.1016/j.jom.2014.10.003 Morse, 2018, SEC cybersecurity guidelines: insights into the utility of risk factor disclosures for investors, Bus. Lawyer, 73 Morse, 2011, Market price effects of data security breaches, Inform. Secur. J.: A Global Perspect., 20, 263 Ohlson, 1995, Earnings, book values, and dividends in equity valuation, Contemp. Account. Res., 11, 661, 10.1111/j.1911-3846.1995.tb00461.x Pentland Pirounias, 2014, The relation between information security events and firm market value, empirical evidence on recent disclosures: An extension of the glz study, J. Inform. Secur. Appl., 19, 257 Prince PwC Rogers, 2009, Shareholder litigation and changes in disclosure behavior, J. Account. Econ., 47, 136, 10.1016/j.jacceco.2008.04.003 SEC, 2005. Securities and exchange commission final rule, release no. 33–8591 (fr-75). Edited by <http://www.sec.gov/rules/final/33-8591.pdf>. SEC, 2011. Cf disclosure guidance: Topic no. 2. Available at: <Https://www.Sec.Gov/divisions/corpfin/guidance/cfguidance-topic2.Htm>. SEC Spanos, 2016, The impact of information security events to the stock market: a systematic literature review, Comput. Secur., 58, 216, 10.1016/j.cose.2015.12.006 Steinbart, 2018, The influence of a good relationship between the internal audit and information security functions on information security outcomes, Account., Org. Soc., 10.1016/j.aos.2018.04.005 Telang, 2007, An empirical analysis of the impact of software vulnerability announcements on firm stock price, IEEE Trans. Softw. Eng., 8, 544, 10.1109/TSE.2007.70712 Trueman, 2000, The eyeballs have it: searching for the value in internet stocks, J. Account. Res., 137, 10.2307/2672912 Wang, 2007, Information technology capability: firm valuation, earnings uncertainty, and forecast accuracy, J. Inform. Syst., 21, 27, 10.2308/jis.2007.21.2.27 Wang, 2013, The association between the disclosure and the realization of information security risk factors, Inform. Syst. Res., 24, 201, 10.1287/isre.1120.0437 Wang, 2013, The textual contents of media reports of information security breaches and profitable short-term investment opportunities, J. Org. Comput. Electronic Comm., 23, 200, 10.1080/10919392.2013.807712 Westland, 2018, The information content of Sarbanes-Oxley in predicting security breaches, Manage. Sci. Yayla, 2011, The impact of information security events on the stock value of firms: the effect of contingency factors, J. Inform. Technol., 26, 60, 10.1057/jit.2010.4 Zafar, 2016, The value of the CIO in the top management team on performance in the case of information security breaches, Inform. Syst. Front., 18, 1205, 10.1007/s10796-015-9562-5