ÖйúÒ»¼¶Æ¬

This study examines the effect of customers¡¯ cybersecurity risk on suppliers¡¯ cost management strategies. A firm¡¯s cost structure is affected by its expectations of future demand. Since customers¡¯ cybersecurity risk may impact suppliers¡¯ expectations regarding future demand, we expect suppliers to adjust their cost structure facing changes in customers¡¯ cybersecurity risk. Using customers¡¯ data breaches to measure changes in their cybersecurity risks and suppliers¡¯ cost stickiness to capture their cost management strategies, we find a negative association between customer data breaches and supplier cost stickiness, suggesting that such breaches reduce suppliers¡¯ optimism about future sales. This reduction is stronger if suppliers are managed by CEOs with high uncertainty avoidance and low long-term orientation. Employing the passage of data breach notification laws as a natural experiment, we find that the negative association between customer data breaches and supplier cost stickiness is less pronounced after these laws become effective. Our results are robust to measuring customer cybersecurity risk using the predicted probability of data breaches and controlling for supplier market competition and supplier data breaches. Collectively, our findings provide insights into the effect of data breaches and cybersecurity risks on cost management strategies along the supply chain network.

zcarol2@ceibs.edu