M&A and Cybersecurity Risk: Empirical Evidence
63 Pages Posted: 2 Aug 2022 Last revised: 25 Oct 2022
Date Written: October 25, 2022
Abstract
Using novel measures of cybersecurity risk, we document that low cybersecurity risk firms are more likely to be involved in M&A transactions. Mergers are significantly less likely to be withdrawn if the target has a low cybersecurity risk profile. Merger premium are higher for mergers involving low cybersecurity risk acquirers. Deals involving low cybersecurity risk firms yield superior post-merger operating performance and are less likely to trigger goodwill impairments. Announcement returns have also started to reflect cybersecurity risk in recent years. These findings offer novel evidence on the economic impact of cybersecurity risk on the market for corporate control.
Keywords: Mergers and Acquisitions, Cybersecurity Risk, M&A Withdrawal, Valuation
JEL Classification: G30, G34, M15
Suggested Citation: Suggested Citation