Purchase - $73
Add Paper to My Library
Permalink
Using these links will ensure access to this page indefinitely
Copy URL

Ex-intrusion Corporate Cyber Risk: Evidence from Internet Protocol Networks

Journal of Operational Risk, Vol. 16, No. 3

26 Pages Posted: 21 Oct 2021

See all articles by Bill B. Francis

Bill B. Francis

Rensselaer Polytechnic Institute (RPI) - Lally School of Management

Wenyao Hu

Saint Mary's University; Rensselaer Polytechnic Institute (RPI) - Department of Finance and Accounting

Thomas Shohfi

U.S. Securities and Exchange Commission

Multiple version iconThere are 2 versions of this paper

Date Written: May 27, 2020

Abstract

Previous event studies of corporate cyber risk have been limited to successful attacks on public firms, but the samples are biased because they are based on the economic magnitude of equity losses. To address this selection bias, we construct a larger and more representative sample of cyber intrusions only, finding diminished negative equity (insignificant corporate bond) market reactions compared with these prior studies. To identify cyber risk irrespective of observing successful attacks, we match public firms with internet protocol network data from the American Registry for Internet Numbers between 1991 and 2017. We find that both stockholders and creditors incorporate external internet protocol network size into the firm value. Further, debt and equity market reactions to cyber attacks are mitigated for firms with registered internet protocol networks and larger network deployments. Overall, our study reveals an important public data source that can help institutions proxy for and more accurately price firms’ cyber security risks.

Keywords: bank loans; cyber risk; cyber security; cyber attack; event study; firm risk

Suggested Citation

Francis, Bill B. and Hu, Wenyao and Hu, Wenyao and Shohfi, Thomas, Ex-intrusion Corporate Cyber Risk: Evidence from Internet Protocol Networks (May 27, 2020). Journal of Operational Risk, Vol. 16, No. 3, Available at SSRN: https://ssrn.com/abstract=3946436

Bill B. Francis

Rensselaer Polytechnic Institute (RPI) - Lally School of Management ( email )

Troy, NY 12180
United States

Wenyao Hu

Saint Mary's University ( email )

923 Robie Street
Halifax, Nova Scotia B3H 3C3
Canada

HOME PAGE: http://wenyaohu.com

Rensselaer Polytechnic Institute (RPI) - Department of Finance and Accounting ( email )

Pittsburg Building 2000
110, 8th street
Troy, NY 12180
United States

Thomas Shohfi (Contact Author)

U.S. Securities and Exchange Commission ( email )

Washington, DC
United States

HOME PAGE: http://shohfi.com/

Purchase - $73

Do you have a job opening that you would like to promote on SSRN?

Place Job Opening

Paper statistics

Downloads
0
Abstract Views
377
43 References
PlumX Metrics

Related eJournals

  • Risk Management eJournal

    Follow

    Risk Management eJournal

    Subscribe to this fee journal for more curated articles on this topic

    FOLLOWERS
    4,711
    PAPERS
    15,022
    This Journal is curated by:
    Jacob Boudoukh at Interdisciplinary Center (IDC) Herzliyah, Robert Sales at Global Association of Risk Professionals

  • Journal of Operational Risk

    Follow

    Journal of Operational Risk

    Subscribe to this free journal for more curated articles on this topic

    FOLLOWERS
    0
    PAPERS
    152