The Role of Peer Events in Corporate Governance: Evidence From Data Breaches
The Accounting Review, Forthcoming
Posted: 19 Feb 2021
Date Written: December 18, 2020
Economic theory suggests that negative peer events can result in market-wide spillovers which help unaffected firms take real actions to enhance corporate governance. Motivated by the SEC’s concern about cybersecurity, I study the role of peer events in corporate governance using the setting of data breaches. While controlling for firm-specific time-varying unobservable characteristics, I find that peer data breaches are associated with a reduction in future internal control material weaknesses for non-breached firms. The association is robust to a changes analysis and varies cross-sectionally with breach, firm, and board characteristics. Inferences remain consistent when studying IT-related material weaknesses only. Finally, non-breached firms are more likely to have a cybersecurity expert on the top management team after a peer breach. My findings have important implications for mandatory disclosure regulation in general and, in particular, suggest that regulators can help reduce market-wide exposure to cyber risk by facilitating disclosure of cyber incidents.
Keywords: peer events, corporate governance, internal controls, information technology, cybersecurity, information spillover, data breaches
JEL Classification: G34, M15
Suggested Citation: Suggested Citation