Implications of Enhanced Cybersecurity Risk Management Reporting and Independent Assurance

According to the World Economic Forum (WEF) (2022), cybersecurity risk is the most immediate and financially material sustainability risk that organizations face. Companies experience significant financial and reputational losses in the market after a cyberattack. However, companies are only require...

Full description

Saved in:
Bibliographic Details
Published in:Current issues in auditing 2023-04, Vol.17 (1), p.P11-P18
Main Authors: Frank, Michele L., Grenier, Jonathan H., Pyzoha, Jonathan S., Zielinski, Natalie B.
Format: Article
Language:English
Subjects:
Cybercrime
Cybersecurity
Investors
Reliability
Reputations
Risk management
Sustainability
Sustainability management
Citations: Items that this one cites
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:According to the World Economic Forum (WEF) (2022), cybersecurity risk is the most immediate and financially material sustainability risk that organizations face. Companies experience significant financial and reputational losses in the market after a cyberattack. However, companies are only required to disclose a trivial amount of information about their cybersecurity risk management efforts (SEC 2014; Newman 2018). This paper summarizes Frank, Grenier, and Pyzoha (2019), which examines whether voluntarily providing additional disclosures regarding a company’s cybersecurity efforts, with or without assurance, increases investment attractiveness. Absent assurance, voluntary disclosures about the nature and effectiveness of cybersecurity efforts are sufficient to increase investment attractiveness for companies that have not (versus have) disclosed a prior cyberattack, as investors are less likely to question the disclosure’s reliability. Assurance provides a greater benefit to companies that have (versus have not) disclosed a prior cyberattack, as they benefit more from the reliability enhancement of assurance.
ISSN:1936-1270
1936-1270
DOI:10.2308/CIIA-2022-018