The Changing Cost of Cyber Events: An Event Study Analysis

Amadi, Jacob (2017) The Changing Cost of Cyber Events: An Event Study Analysis. [Dissertation (University of Nottingham only)]

[img] PDF - Registered users only - Requires a PDF viewer such as GSview, Xpdf or Adobe Acrobat Reader
Download (842kB)

Abstract

Since the beginning of the 21st century Cyber attacks have become increasingly prevalent. In the first half of 2017 we have already experienced numerous large scale cyber attacks. For example, in May the ‘Wannacry’ ransomware attack made thousands of companies’ systems and files inaccessible including the National Health Service. In light of the increased interconnectivity and subsequent increase in attacks, attempting to prevent and mitigate the effect of cyber attacks has become an important duty for risk managers in organisations of all sizes.

With the increase in events regulators are taking notice with various new regulations coming into effect either recently, or in the near future, around the world. These regulations are looking to bring to the attention of companies the full scale of costs to be expected when subject to an attack. With systems becoming increasingly interconnected not only internally but between businesses, the role of cyber awareness and proper sanctions is becoming a necessity in order to provide normal economic function.

This paper aims to add to current literature on Cyber events by addressing a couple of research gaps. First it examines if this increased prevalence has led to a change in investor perception of firms that are the subject of cyber events. This is done using the event study methodology to compare events since 2010 and how their abnormal returns have differed from the event that preceded them. Whilst other papers have looked at Cyber event related losses (Goldstein et.al 2011) this is the first, to my knowledge, to examine whether these effects have become more pronounced as time has gone on. Secondly, I examine whether firms in the tech industry suffer larger negative abnormal returns associated with a cyber event than those who are not in said industry. In doing so I aim to inform investors’ decisions on investing in tech companies with perceived IT operations weaknesses.

Item Type: Dissertation (University of Nottingham only)
Depositing User: Amadi, Jacob
Date Deposited: 12 Apr 2018 09:03
Last Modified: 17 Apr 2018 14:39
URI: http://eprints.nottingham.ac.uk/id/eprint/46342

Actions (Archive Staff Only)

Edit View Edit View