New research from Master of Financial Analysis (Business Research) graduate, Thao Dinh, has explored how cybersecurity risk influences the way that companies invest.
“Cybersecurity is a growing global threat. However, most research focuses on the operational side of cyberattacks. We wanted to understand whether these risks also affect strategic investment decisions,” Thao says.
Drawing on data from more than 42,000 firms, Thao’s study found that cybersecurity risk increases overinvestment but does not significantly affect underinvestment.
“This is an important nuance. It means that while firms may not necessarily reduce investment due to cyber threats, they may over allocate capital to expansionary or empire-building activities.”
Thao says this pattern can arise when managers justify expansion or extra spending under the banner of digital protection or resilience.
“Cybersecurity concerns can unintentionally create room for managerial overreach or inefficient capital allocation.”
Thao believes the findings have implications for corporate governance, investment policy and financial regulation.
“They highlight the importance of enhanced oversight, transparent cyber disclosures and stronger external monitoring mechanisms to prevent inefficient resource allocation.”
