Not logged in.

Contribution Details

Type Master's Thesis
Scope Discipline-based scholarship
Title The impact of cyberattacks on cybersecurity stock returns
Organization Unit
  • Lukas Wegmann
  • Steven Ongena
  • English
Institution University of Zurich
Faculty Faculty of Business, Economics and Informatics
Date 2022
Abstract Text This age of information is characterized by rapid developments of information technology and the fundamental change processes caused by such developments. However, the digital transformation and the resulting increase in connectivity and dependency of the economy through innovations such as the Internet of Things, Artificial Intelligence and Big Data also bring new threats - cyberattacks. Due to the increasing frequency of cyberattacks and in order to respond to the resulting threats to business processes, investments in cybersecurity have become of critical importance. As such, announcements of cyberattacks are a potential signal to investors about the future performance of cybersecurity companies. In this respect, there are only a few studies focusing on the impact of cyberattack announcements on the returns of cybersecurity companies and the most recent findings are based on observations from 1996 to 2001 and from 2006 to 2007. Therefore, this thesis is the first study to analyze this impact over a period from 2015 to 2021. This study uses the event study methodology and analyzes a total of 163 cyber events and the impact of these events on the returns of cybersecurity companies headquartered in the United States. The adjusted-market model is used to compute the abnormal returns within the event window. In contrast to previous research, this study does not find a significant impact. Furthermore, the impact of cyberattacks, classified by an impact-based cyber taxonomy, of different types is also examined. This isolated consideration also did not provide any significant results. This study can therefore not support the results of previous research in this field for a recent observation period from 2015 to 2021. These new results indicate that either investor perceptions of the optimal level of cybersecurity investment by attacked organizations have changed or that the information transfer effect is very small relative to the overall demand for cybersecurity.
Export BibTeX