Predicting Cybersecurity Incidents Through Mandatory Disclosure Regulation

37 Pages Posted: 14 Nov 2020

See all articles by Aniket Kesari

Aniket Kesari

University of California, Berkeley - D-Lab (Data-Intensive Social Science Lab); Yale Law School

Date Written: May 21, 2020

Abstract

Cyber-crime is an increasingly common risk for organizations that collect and maintain vast troves of data. There is extensive literature that explores the causes of cyber-crime, but relatively little work that aims to predict future incidents. In 2011, the United States Securities and Exchange Commission (SEC) provided guidelines for how publicly traded companies should convey these risks to potential investors. The SEC and other regulatory agencies are exploring how to leverage artificial intelligence, machine learning, and data science tools to improve their regulatory efforts. This paper explores the potential to use machine learning and natural language processing techniques to analyze firms’ mandatory risk disclosure statements, and predict which firms are at the greatest risk of suffering cyber-security incidents. More broadly, this study highlights the potential for using legally mandated disclosures to bolster regulatory efforts, particularly in the context of prediction policy problems.

Suggested Citation

Kesari, Aniket, Predicting Cybersecurity Incidents Through Mandatory Disclosure Regulation (May 21, 2020). Available at SSRN: https://ssrn.com/abstract=3700243 or http://dx.doi.org/10.2139/ssrn.3700243

Aniket Kesari (Contact Author)

University of California, Berkeley - D-Lab (Data-Intensive Social Science Lab) ( email )

350 Barrows Hall
Berkeley, CA 94704
United States

HOME PAGE: http://https://akesari12.github.io/

Yale Law School ( email )

127 Wall Street
New Haven, CT 06510
United States

Do you have a job opening that you would like to promote on SSRN?

Paper statistics

Downloads
36
Abstract Views
219
PlumX Metrics