Abstract
Despite the increasing consensus that socially responsible behaviour can act as insurance against externally induced shocks, supporting evidence remains somewhat inconsistent. Our study provides a clear demonstration of the insurance-like properties of corporate social responsibility (CSR) in preserving corporate financial performance (CFP), in the event of a data (cyber) breach. Exploring a sample of 230 breached firms, we find that data breaches lead to significantly negative CFP outcomes for low CSR firms, with the dynamic being particularly pronounced in consumer-sensitive industries. Further, we show that firms increase their CSR activities in the aftermath of a breach to recover lost goodwill and regain stakeholder trust. Overall, our results support the use of CSR as a strategic risk-mitigation tool that can curtail the consequences of data breaches, particularly for firms operating in consumer-centric environments.
Original language | English |
---|---|
Pages (from-to) | 2503-2518 |
Number of pages | 16 |
Journal | Risk Analysis |
Volume | 43 |
Issue number | 12 |
Early online date | 07 Mar 2023 |
DOIs | |
Publication status | Published - Dec 2023 |
Keywords
- crisis management
- insurance hypothesis
- cyber risk
- risk perception