“We argue that cyber and other financial shocks cannot be treated as uncorrelated vulnerabilities and policy solutions for cyber vulnerability need to be calibrated for adverse financial conditions.”
"Using a novel firm-level measure of cybersecurity, we find that cybersecurity risk increases the probability of bank default. The effect is larger for banks with deposit withdrawal, but less pronounced for banks with liquidity buffer. Our results are robust to using an instrumental variable approach and to using alternative measures. "
The increasing complexity of data protection laws, rising compliance costs, and evolving cyber threats make data security a vital business concern.
"... businesses have basic cybersecurity responsibilities and fundamental duties to operate securely in a digital society."
"Bank employees are more susceptible to being phished than professional services firm employees, but within the bank, the employees with professional certificates are less susceptible to phishing attacks than other bank employees. Also, employees with self-reported responsibility for cybersecurity are less likely to be phished."
"Cyber attacks can impair banks operations and precipitate bank runs. When digital infrastructure is shared, banks defend themselves by investing in cybersecurity but can free-ride on the security measures of others. Ex ante free-riding by banks interacts with the ex post coordination frictions underpinning bank runs."