Potentially Unintended Consequences of the SEC Restricting Managerial Discretion: Evidence from Peer Data Breaches and Cyber Risk Factors

46 Pages Posted: 19 Mar 2021 Last revised: 28 Jun 2021

See all articles by Musaib Ashraf

Musaib Ashraf

Michigan State University - Eli Broad College of Business

Date Written: June 28, 2021

Abstract

I document potentially unintended consequences of the SEC restricting managerial discretion, specifically focusing on the SEC’s 2011 guidance regarding cyber risk factors. Using peer data breaches as a salient proxy of non-breached firms that have material exposure to cyber risk and while controlling for firm and year fixed effects, I first find that peer breaches are associated with more unique cyber risk factor disclosures when non-breached firms’ managers possess greater discretion (in the pre-SEC-2011 period) and with less unique cyber risk factor disclosures after their discretion is limited (in the post-SEC-2011 period). I next find that a possible reason for the decrease in the post period is because firms are more likely to mirror the cybersecurity language used in the SEC’s 2011 guidance. Finally, I find that more unique cyber risk factors are more effective in reducing information asymmetry for investors. Altogether, my evidence is consistent with the SEC inducing an organizational shift from normative isomorphism to coercive isomorphism and suggests that the SEC may be harming disclosure informativeness by limiting managerial discretion.

Keywords: cybersecurity; cyber risk; data breaches; regulation; disclosure; risk factors

JEL Classification: M40; M41

Suggested Citation

Ashraf, Musaib, Potentially Unintended Consequences of the SEC Restricting Managerial Discretion: Evidence from Peer Data Breaches and Cyber Risk Factors (June 28, 2021). Available at SSRN: https://ssrn.com/abstract=3807487 or http://dx.doi.org/10.2139/ssrn.3807487

Musaib Ashraf (Contact Author)

Michigan State University - Eli Broad College of Business ( email )

632 Bogue St
East Lansing, MI 48824
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
392
Abstract Views
1,566
Rank
147,326
PlumX Metrics