Abstract
Despite the increasing consensus that socially responsible behaviour can act as insurance against externally induced shocks, supporting evidence remains somewhat inconsistent. Our study provides a clear demonstration of the insurance-like properties of corporate social responsibility (CSR) in preserving corporate financial performance (CFP), in the event of a data (cyber) breach. Exploring a sample of 230 breached firms, we find that data breaches lead to significantly negative CFP outcomes for low CSR firms, with the dynamic being particularly pronounced in consumer-sensitive industries. Further, we show that firms increase their CSR activities in the aftermath of a breach to recover lost goodwill and regain stakeholder trust. Overall, our results support the use of CSR as a strategic risk-mitigation tool that can curtail the consequences of data breaches, particularly for firms operating in consumer-centric environments.
| Original language | English |
|---|---|
| Number of pages | 16 |
| Journal | Risk Analysis |
| Early online date | 07 Mar 2023 |
| DOIs | |
| Publication status | Early online date - 07 Mar 2023 |
Keywords
- crisis management
- insurance hypothesis
- cyber risk
- risk perception
Access to Document
- Are the good spared? Corporate social responsibility as insurance against cyber security incidents
Copyright 2023 The Authors. This is an open access article published under a Creative Commons Attribution License (https://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution and reproduction in any medium, provided the author and source are cited.