기업지배구조와 사이버 보안 공시: 이사회 특성을 중심으로

Corporates face various forms of risk, and cyber security is recognized as one of the major risks confronting modern businesses (AICPA 2018; World Economic Forum 2019). Cyber security is perceived not just as a simple information technology issue but as a strategic risk management concern. Boards of directors have a responsibility to acknowledge and disclose the cyber security risks of the company and to implement reasonable procedures to manage them. This study analyzes the impact of board characteristics on cyber security disclosures among companies listed on the KOSPI and the KOSDAQ markets from 2011 to 2021. The analysis reveals that higher levels of board IT expertise, risk management expertise are associated with a greater likelihood of cyber security disclosure. Furthermore, the positive relationship between board expertise and cyber security disclosure is strengthened when the board independence or activity is stronger. Such findings indicate that sound corporate governance plays a pivotal role in effective risk management and transparent information disclosure, thereby enhancing stakeholder trust. By examining how the characteristics of corporate governance influence cyber security disclosures, this study expands the literature on risk management disclosures and provides significant insights from the governance perspective of ESG (Environment, Social, Governance).