IDEAS home Printed from https://ideas.repec.org/a/kap/jmgtgv/v28y2024i2d10.1007_s10997-022-09660-7.html
   My bibliography  Save this article

Board of directors’ attributes and aspects of cybersecurity disclosure

Author

Listed:
  • Sylvie Héroux

    (Université du Québec à Montréal)

  • Anne Fortin

    (Université du Québec à Montréal)

Abstract

As cybersecurity is a critical risk issue for organizations, cybersecurity disclosure is important for financial regulators, financial analysts, shareholders, and other stakeholders. Organizations face challenges when deciding whether, what, and when cybersecurity-related information should be disclosed. Prior studies have contributed few insights regarding the potential determinants of cybersecurity disclosure. Furthermore, their findings are based on a general or narrow measurement of this disclosure. This study draws on upper echelons and signaling theories to examine the association between various board of directors’ characteristics and extent of overall cybersecurity disclosure and its individual aspects. Extent of cybersecurity disclosure is measured based on a content analysis of annual financial regulatory filings of the 250 companies listed on the S&P/TSX Composite Index, using a scoring grid of 40 items grouped into seven categories representing different aspects of cybersecurity disclosure. This expanded disclosure measurement provides original insights for firms and their stakeholders. The main findings indicate that the presence of a committee responsible for cybersecurity on the board of directors is key to increasing cybersecurity disclosure. With or without such a committee, board IT expertise, board tenure, board independence, women directors, and board age are associated with the extent of total cybersecurity disclosure or some of its specific aspects, particularly cybersecurity risk mitigation. These findings contribute to the cybersecurity literature by examining which board of directors’ characteristics influence the extent of specific aspects of cybersecurity disclosure. They also complement results from upper echelons-based studies on corporate reporting determinants and prior IT governance studies.

Suggested Citation

  • Sylvie Héroux & Anne Fortin, 2024. "Board of directors’ attributes and aspects of cybersecurity disclosure," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 28(2), pages 359-404, June.
    • Handle: RePEc:kap:jmgtgv:v:28:y:2024:i:2:d:10.1007_s10997-022-09660-7
    DOI: 10.1007/s10997-022-09660-7
    as

    Download full text from publisher

    File URL: http://link.springer.com/10.1007/s10997-022-09660-7
    File Function: Abstract
    Download Restriction: Access to full text is restricted to subscribers.
    File URL: https://libkey.io/10.1007/s10997-022-09660-7?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to search for a different version of it.

    References listed on IDEAS

    as
    1. Tawei Wang & Karthik N. Kannan & Jackie Rees Ulmer, 2013. "The Association Between the Disclosure and the Realization of Information Security Risk Factors," Information Systems Research, INFORMS, vol. 24(2), pages 201-218, June.
    2. Stephen Bear & Noushi Rahman & Corinne Post, 2010. "The Impact of Board Diversity and Gender Composition on Corporate Social Responsibility and Firm Reputation," Journal of Business Ethics, Springer, vol. 97(2), pages 207-221, December.
    3. Giovanna Michelon & Antonio Parbonetti, 2012. "The effect of corporate governance on sustainability disclosure," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 16(3), pages 477-509, August.
    4. Réal Labelle & Rim Gargouri & Claude Francoeur, 2010. "Erratum to: Ethics, Diversity Management, and Financial Reporting Quality," Journal of Business Ethics, Springer, vol. 93(2), pages 355-355, May.
    5. Ran, Guanggui & Fang, Qiaoling & Luo, Shuai & Chan, Kam C., 2015. "Supervisory board characteristics and accounting information quality: Evidence from China," International Review of Economics & Finance, Elsevier, vol. 37(C), pages 18-32.
    6. Eli Amir & Shai Levi & Tsafrir Livne, 2018. "Do firms underreport information on cyber-attacks? Evidence from capital markets," Review of Accounting Studies, Springer, vol. 23(3), pages 1177-1206, September.
    7. Stephen V. Brown & Xiaoli (Shaolee) Tian & Jennifer Wu Tucker, 2018. "The Spillover Effect of SEC Comment Letters on Qualitative Corporate Disclosure: Evidence from the Risk Factor Disclosure," Contemporary Accounting Research, John Wiley & Sons, vol. 35(2), pages 622-656, June.
    8. James D. Westphal & James W. Fredrickson, 2001. "Who directs strategic change? Director experience, the selection of new CEOs, and change in corporate strategy," Strategic Management Journal, Wiley Blackwell, vol. 22(12), pages 1113-1137, December.
    9. Nikos Vafeas, 2003. "Length of Board Tenure and Outside Director Independence," Journal of Business Finance & Accounting, Wiley Blackwell, vol. 30, pages 1043-1064.
    10. Gordon, Lawrence A. & Loeb, Martin P. & Lucyshyn, William & Sohail, Tashfeen, 2006. "The impact of the Sarbanes-Oxley Act on the corporate disclosures of information security activities," Journal of Accounting and Public Policy, Elsevier, vol. 25(5), pages 503-530.
    11. Fatma Baalouch & Salma Damak Ayadi & Khaled Hussainey, 2019. "A study of the determinants of environmental disclosure quality: evidence from French listed companies," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 23(4), pages 939-971, December.
    12. Dulacha Barako & Alistair Brown, 2008. "Corporate social reporting and board representation: evidence from the Kenyan banking sector," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 12(4), pages 309-324, November.
    13. Laura Georg, 2017. "Information security governance: pending legal responsibilities of non-executive boards," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 21(4), pages 793-814, December.
    14. Taïeb Hafsi & Gokhan Turgut, 2013. "Boardroom Diversity and its Effect on Social Performance: Conceptualization and Empirical Evidence," Journal of Business Ethics, Springer, vol. 112(3), pages 463-479, February.
    15. Sabyasachi Mitra & Sam Ransbotham, 2015. "Information Disclosure and the Diffusion of Information Security Attacks," Information Systems Research, INFORMS, vol. 26(3), pages 565-584, September.
    16. Walid Ben-Amar & Millicent Chang & Philip McIlkenny, 2017. "Board Gender Diversity and Corporate Response to Sustainability Initiatives: Evidence from the Carbon Disclosure Project," Journal of Business Ethics, Springer, vol. 142(2), pages 369-383, May.
    17. Baran, Lindsay & Forst, Arno, 2015. "Disproportionate insider control and board of director characteristics," Journal of Corporate Finance, Elsevier, vol. 35(C), pages 62-80.
    18. Elina Haapamäki & Jukka Sihvonen, 2019. "Cybersecurity in accounting research," Managerial Auditing Journal, Emerald Group Publishing Limited, vol. 34(7), pages 808-834, July.
    19. Martin Plöckinger & Ewald Aschauer & Martin R.W. Hiebl & Roman Rohatschek, 2016. "The influence of individual executives on corporate financial reporting: A review and outlook from the perspective of upper echelons theory," Journal of Accounting Literature, Emerald Group Publishing Limited, vol. 37(1), pages 55-75, October.
    20. Réal Labelle & Rim Makni Gargouri & Claude Francoeur, 2010. "Ethics, Diversity Management, and Financial Reporting Quality," Journal of Business Ethics, Springer, vol. 93(2), pages 335-353, May.
    21. repec:eme:maj000:maj-09-2018-2004 is not listed on IDEAS
    22. Brian R. Golden & Edward J. Zajac, 2001. "When will boards influence strategy? inclination × power = strategic change," Strategic Management Journal, Wiley Blackwell, vol. 22(12), pages 1087-1111, December.
    23. Lorenzo Patelli & Matteo Pedrini, 2015. "Is Tone at the Top Associated with Financial Reporting Aggressiveness?," Journal of Business Ethics, Springer, vol. 126(1), pages 3-19, January.
    24. Li, He & No, Won Gyun & Wang, Tawei, 2018. "SEC's cybersecurity disclosure guidance and disclosed cybersecurity risk factors," International Journal of Accounting Information Systems, Elsevier, vol. 30(C), pages 40-55.
    25. Rachel Croson & Uri Gneezy, 2009. "Gender Differences in Preferences," Journal of Economic Literature, American Economic Association, vol. 47(2), pages 448-474, June.
    26. Nikos Vafeas, 2003. "Length of Board Tenure and Outside Director Independence," Journal of Business Finance & Accounting, Wiley Blackwell, vol. 30(7‐8), pages 1043-1064, September.
    27. Amemiya, Takeshi, 1984. "Tobit models: A survey," Journal of Econometrics, Elsevier, vol. 24(1-2), pages 3-61.
    28. Francisco Bravo, 2018. "Does board diversity matter in the disclosure process? An analysis of the association between diversity and the disclosure of information on risks," International Journal of Disclosure and Governance, Palgrave Macmillan, vol. 15(2), pages 104-114, May.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Lucrezia Songini & Anna Pistoni & Patrizia Tettamanzi & Fabrizio Fratini & Valentina Minutiello, 2022. "Integrated reporting quality and BoD characteristics: an empirical analysis," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 26(2), pages 579-620, June.
    2. Trang Cam Hoang & Indra Abeysekera & Shiguang Ma, 2018. "Board Diversity and Corporate Social Disclosure: Evidence from Vietnam," Journal of Business Ethics, Springer, vol. 151(3), pages 833-852, September.
    3. Camélia Radu & Nadia Smaili, 2022. "Board Gender Diversity and Corporate Response to Cyber Risk: Evidence from Cybersecurity Related Disclosure," Journal of Business Ethics, Springer, vol. 177(2), pages 351-374, May.
    4. Eduardo Ortas & Igor Álvarez & Eugenio Zubeltzu, 2017. "Firms’ Board Independence and Corporate Social Performance: A Meta-Analysis," Sustainability, MDPI, vol. 9(6), pages 1-26, June.
    5. Dang, Rey & Houanti, L'Hocine & Sahut, Jean-Michel & Simioni, Michel, 2021. "Do women on corporate boards influence corporate social performance? A control function approach," Finance Research Letters, Elsevier, vol. 39(C).
    6. Michael Breen & Robert Gillanders & Gemma Mcnulty & Akisato Suzuki, 2017. "Gender and Corruption in Business," Journal of Development Studies, Taylor & Francis Journals, vol. 53(9), pages 1486-1501, September.
    7. Mehdi Nekhili & Hayette Gatfaoui, 2013. "Are Demographic Attributes and Firm Characteristics Drivers of Gender Diversity? Investigating Women’s Positions on French Boards of Directors," Journal of Business Ethics, Springer, vol. 118(2), pages 227-249, December.
    8. Helena Isidro & Márcia Sobral, 2015. "The Effects of Women on Corporate Boards on Firm Value, Financial Performance, and Ethical and Social Compliance," Journal of Business Ethics, Springer, vol. 132(1), pages 1-19, November.
    9. Ana Paula Pereira dos Passos & Jeferson Lana & Rosilene Marcon, 2023. "Social and political capabilities as nonmarket activities: What are they and how do firms develop them?," Corporate Social Responsibility and Environmental Management, John Wiley & Sons, vol. 30(6), pages 2718-2730, November.
    10. Nadia Smaili & Camélia Radu & Amir Khalili, 2023. "Board effectiveness and cybersecurity disclosure," Journal of Management & Governance, Springer;Accademia Italiana di Economia Aziendale (AIDEA), vol. 27(4), pages 1049-1071, December.
    11. Giuliana Birindelli & Stefano Dell’Atti & Antonia Patrizia Iannuzzi & Marco Savioli, 2018. "Composition and Activity of the Board of Directors: Impact on ESG Performance in the Banking System," Sustainability, MDPI, vol. 10(12), pages 1-20, December.
    12. Kara, Alper & Nanteza, Aziidah & Ozkan, Aydin & Yildiz, Yilmaz, 2022. "Board gender diversity and responsible banking during the COVID-19 pandemic," Journal of Corporate Finance, Elsevier, vol. 74(C).
    13. Um‐E‐Roman Fayyaz & Raja Nabeel‐Ud‐Din Jalal & Michelina Venditti & Antonio Minguez‐Vera, 2023. "Diverse boards and firm performance: The role of environmental, social and governance disclosure," Corporate Social Responsibility and Environmental Management, John Wiley & Sons, vol. 30(3), pages 1457-1472, May.
    14. Ding Ning & Irfan-Ullah & Muhammad Ansar Majeed & Aurang Zeb, 2022. "Board diversity and financial statement comparability: evidence from China," Eurasian Business Review, Springer;Eurasia Business and Economics Society, vol. 12(4), pages 743-801, December.
    15. Steven Boivie & Michael C. Withers & Scott D. Graffin & Kevin G. Corley, 2021. "Corporate directors' implicit theories of the roles and duties of boards," Strategic Management Journal, Wiley Blackwell, vol. 42(9), pages 1662-1695, September.
    16. Nicola Cucari & Salvatore Esposito De Falco & Beatrice Orlando, 2018. "Diversity of Board of Directors and Environmental Social Governance: Evidence from Italian Listed Companies," Corporate Social Responsibility and Environmental Management, John Wiley & Sons, vol. 25(3), pages 250-266, May.
    17. Ingersoll, Alicia R. & Cook, Alison & Glass, Christy, 2023. "A free solo in heels: Corporate risk taking among women executives and directors," Journal of Business Research, Elsevier, vol. 157(C).
    18. Masoud, Najeb & Al-Utaibi, Ghassan, 2022. "The determinants of cybersecurity risk disclosure in firms’ financial reporting: Empirical evidence," Research in Economics, Elsevier, vol. 76(2), pages 131-140.
    19. Elisa Menicucci & Guido Paolucci, 2022. "Board Diversity and ESG Performance: Evidence from the Italian Banking Sector," Sustainability, MDPI, vol. 14(20), pages 1-19, October.
    20. Isabel Gallego‐Álvarez & María Consuelo Pucheta‐Martínez, 2022. "Sustainable development through the effect of board diversity and CEO duality on corporate risk: Does the state‐owned enterprises matter?," Sustainable Development, John Wiley & Sons, Ltd., vol. 30(6), pages 1462-1476, December.

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:kap:jmgtgv:v:28:y:2024:i:2:d:10.1007_s10997-022-09660-7. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Sonal Shukla or Springer Nature Abstracting and Indexing (email available below). General contact details of provider: http://www.springer.com .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.