The Financial Impact of the Cyber Security and Resilience Bill (CSRB) on Shareholder Value in the United Kingdom: An Event Study

Abstract

The Cyber Security and Resilience Bill underscores the growing adoption of mandatory non- financial disclosure as a regulatory mechanism and the increasing importance of cybersecurity. By defining and testing five hypotheses, this dissertation analyses investors' perceptions of whether future cyber risk mitigation outweighs compliance costs based on firm characteristics. The findings of the analysis reveal that, although the overall market was not affected, firms without a cybersecurity policy experienced negative abnormal returns on the event dates of the Cyber Security and Resilience Bill. This dissertation is the first to examine the impact of the Cyber Security and Resilience Bill, as it was only recently announced. This study contributes to the understudied field of economic and business perspectives on cybersecurity. The outcomes of this study could be helpful to the UK government, which is still adjusting the Bill, as well as to investors in other countries facing the possibility of more stringent cybersecurity regulations.