A new study reveals that U.S. data breach notification (DBN) laws are raising borrowing costs for companies, but robust cybersecurity investments can mitigate these expenses. The research, led by experts from The University of Western Australia (UWA), examines how these laws, which require companies to disclose data breaches to protect consumers, influence private debt costs.
Impact of Data Breach Notification Laws on Borrowing Costs
The study, published in The British Accounting Review, explored the financial repercussions of DBN laws on companies’ ability to secure private debt. According to lead author Nishant Agarwal, a lecturer at UWA’s Business School, the laws have led to an increase in the cost of borrowing as lenders reassess risks associated with potential future expenses, such as litigation costs stemming from data breaches.
Agarwal explained that lenders now consider the heightened risk of data breaches when setting borrowing terms for businesses. This shift results in higher borrowing costs, particularly for firms that are more vulnerable to cybersecurity threats or those with a history of internal control weaknesses.
Cybersecurity Investments Lower Debt Costs
Despite the challenges posed by the laws, the study highlights a silver lining for companies investing in strong cybersecurity measures. Agarwal’s research shows that firms with advanced cybersecurity infrastructure and top management leadership in technology are seen more favorably by lenders. These companies tend to enjoy more favorable borrowing terms, as their proactive stance on cybersecurity reassures lenders about their ability to manage cyber risks effectively.
“A company’s Cybersecurity Investments signal to lenders that it is taking steps to mitigate potential cyber threats,” Agarwal noted. “This proactive approach can result in lower borrowing costs, helping businesses stay financially resilient in an increasingly risky digital landscape.”
The Importance of Cybersecurity for Financial Resilience
The study’s findings underscore the crucial link between cybersecurity preparedness and financial resilience. Firms that prioritize cybersecurity, whether by upgrading their systems or appointing a technology officer to their board, can reduce the financial burden caused by rising debt costs due to data breach risks.
Agarwal emphasized the need for companies to adopt comprehensive risk management strategies that integrate both cybersecurity and regulatory compliance. As the study reveals, firms with robust cybersecurity strategies are better positioned to navigate the evolving regulatory environment, reducing the financial impact of DBN laws.
In conclusion, the research shows that while data breach notification laws may raise borrowing costs for businesses, those who invest in cybersecurity can effectively reduce these costs. Companies with forward-thinking risk management strategies are not only better protected against cyber threats but are also more likely to secure favorable borrowing terms.
