Market Reaction to Cyber Strategy Disclosure: Word Embedding Derived Approach

Abstract

In this study, we use a semi-supervised natural language processing (NLP) methodology to assess cybersecurity strategy of firms based on their 10-K filings. Adapted from the Cybersecurity Framework developed by the National Institute of Standards and Technology (NIST), five distinct cybersecurity strategies, namely identification, protection, detection, response, and recovery, are measured annually. We find evidence that cybersecurity identification strategy is positively and significantly associated with firm market value. For those firms experienced a cyberattack in the past, disclosing cybersecurity protection strategy is not positively assessed by the market. This paper makes contribution to the literature on cybersecurity by identifying the cyber strategies disclosed in 10-K reports using textual analysis, which can be used in future cyber studies. We further show empirical evidence of how market reacts to different strategies, which have valuable implications for industry as to how to better manage cyber risk.