Working Paper: NBER ID: w28906
Authors: Rustam Jamilov; Hélène Rey; Ahmed Tahoun
Abstract: This paper uses computational linguistics to introduce a novel measure of firm-level cyber-risk exposure based on quarterly earnings conference calls of listed firms. Our data span 13,000 firms from 85 countries over 2002-2021. We show cyber-risk exposure predicts cyber-attacks, affects stock returns and profits, and is priced in the equity option market. Cyber-risks spill over across firms and pass through from firm to sectoral level. The geography of cyber-risk is well approximated by a gravity model in which financial proximity is key. Back-of-the-envelope calculations suggest that the global cost of cyber-risk is over $200 billion per year.
Keywords: cyber risk; financial stability; earnings calls; natural language processing; systemic risk
JEL Codes: F3; G0
Edges that are evidenced by causal inference methods are in orange, and the rest are in light blue.
| Cause | Effect |
|---|---|
| cyber risk exposure (K24) | spillover effects to non-exposed peers (C92) |
| cyber risk exposure (K24) | firms' quarterly stock return performance (G12) |
| cyber risk exposure (K24) | realized stock market volatility (G17) |
| cyber risk exposure (K24) | implied volatility (C69) |
| cyber risk exposure (K24) | variance risk premium (D81) |
| cyber risk exposure (K24) | downside risk slope (D81) |
| cyber risk exposure (K24) | firm market value (G10) |
| cyber risk exposure (K24) | realized cyberattacks (K24) |