Are the good spared? Corporate social responsibility as insurance against cyber security incidents

Vassiliki Bamiatzi, Michael Dowling, Fabian Gogolin, Fearghal Kearney*, Samuel Vigne

*Corresponding author for this work

Research output: Contribution to journalArticlepeer-review

7 Citations (Scopus)
64 Downloads (Pure)

Abstract

Despite the increasing consensus that socially responsible behaviour can act as insurance against externally induced shocks, supporting evidence remains somewhat inconsistent. Our study provides a clear demonstration of the insurance-like properties of corporate social responsibility (CSR) in preserving corporate financial performance (CFP), in the event of a data (cyber) breach. Exploring a sample of 230 breached firms, we find that data breaches lead to significantly negative CFP outcomes for low CSR firms, with the dynamic being particularly pronounced in consumer-sensitive industries. Further, we show that firms increase their CSR activities in the aftermath of a breach to recover lost goodwill and regain stakeholder trust. Overall, our results support the use of CSR as a strategic risk-mitigation tool that can curtail the consequences of data breaches, particularly for firms operating in consumer-centric environments.
Original languageEnglish
Pages (from-to)2503-2518
Number of pages16
JournalRisk Analysis
Volume43
Issue number12
Early online date07 Mar 2023
DOIs
Publication statusPublished - Dec 2023

Keywords

  • crisis management
  • insurance hypothesis
  • cyber risk
  • risk perception

Fingerprint

Dive into the research topics of 'Are the good spared? Corporate social responsibility as insurance against cyber security incidents'. Together they form a unique fingerprint.

Cite this