Download This PaperEvolution of Cybersecurity Disclosure in Canada
56 Pages Posted: 1 Sep 2023 Last revised: 14 Nov 2024
Date Written: August 21, 2024
Abstract
In this study, we investigate cybersecurity disclosure practices of a randomly selected sample of firms listed on the Toronto Stock Exchange from 2014 to 2020. Our results, based on an in-depth content analysis of corporate reports, show a steady increase in the number of firms that disclose cybersecurity-related information and in the level of such disclosures over time. While the disclosures have increased after the Canadian Securities Administrators issued guidelines for cybersecurity disclosure in 2017, the improvements in disclosure cannot be solely attributed to this policy. Despite the steady increases over time, there is a lot of room for improvement in critical areas of governance of cybersecurity, measures taken to mitigate cyber risks, and cyber incidents. This study contributes to our understanding of how cybersecurity disclosure has evolved in Canada, a country with a principle-based approach to corporate governance and with a less litigious environment than the United States.
Keywords: Cybersecurity Disclosure, Cyber Risks, IT Governance, Corporate Governance
Suggested Citation: Suggested Citation