System Upgrade on Tue, May 28th, 2024 at 2am (EDT)
Existing users will be able to log into the site and access content. However, E-commerce and registration of new users may not be available for up to 12 hours.For online purchase, please visit us again. Contact us at customercare@wspc.com for any enquiries.
Results: 1 - 1of1
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
Data Breach Disclosure Laws and Social Responsibility Initiatives
Preview AbstractSynopsis
The research problem
This study investigated how firms employ corporate social responsibility (CSR) as a precautionary strategy in response to heightened concerns about cybersecurity following the adoption of data breach disclosure laws in the United States.
Motivation
CSR has garnered substantial attention in contemporary society. Simultaneously, the last few decades have witnessed a rapid surge of the digital economy. However, it remains unclear how CSR is adapting to digitalization. In this study, I focused on cybersecurity, a pivotal challenge in the digital age.
Theoretical reasoning
The enactment of data breach disclosure laws enhances the reporting of cybersecurity incidents and intensifies concerns about cybersecurity, promoting firms to take measures to mitigate the adverse impacts of data breaches. Building on the theory that CSR functions like an insurance policy, I hypothesized that firms increase their engagement in CSR to fortify their reputation after the enactment of data breach disclosure laws, helping cushion the potential impact of future breaches.
Analyses
The main analysis employed a difference-in-differences research design to compare the changes in CSR engagement between firms with high and low levels of cybersecurity risk following the enactment of data breach disclosure laws in the United States. Cross-sectional analyses delved into the underlying mechanisms. Additional analyses first explored the role of CSR in mitigating stock price decline and then illustrated reputational concerns after data breaches.
Findings
The main analysis showed that firms with high cybersecurity risk increase their CSR engagement to a greater extent following the adoption of data breach disclosure laws. CSR initiatives are particularly pronounced for firms likely to incur significant losses from data breaches, aligning with the theoretical framework and offering insight into the underlying mechanisms. I also found that firms with fewer financial constraints exhibit stronger CSR initiatives. Furthermore, these CSR initiatives are distinct and cannot be substituted by investments in information technology. The additional analysis illustrates that firms with superior CSR performance undergo a smaller stock price decline surrounding data breach announcements. This supports the notion that CSR functions much like insurance, shielding against the impacts of data breaches. Subsequently, this study presents direct evidence on firms’ concerns regarding the reputational impact of cybersecurity. Overall, this study underscores cybersecurity concerns as a driving force behind social responsibility initiatives in this digital era.
Target population
This research holds significance for policymakers worldwide who are considering cybersecurity-related regulations and for firms seeking effective risk management strategies in the face of cybersecurity challenges.