Keywords:
Assurance, Cyber Risk, Disclosure, Expected Returns, Investment PerformanceAbstract
Cyber risk is a financially material source of uncertainty that can reshape expected cash flows, downside tail risk, and investor confidence. This systematic literature review asks how cyber risk and cyber risk management influence investment performance, through which mechanisms, and when effects differ by context and measurement. Using peer-reviewed studies published from 2019 to 2024, the review synthesizes evidence across finance, accounting, and information systems. Findings show that cyber risk is reflected not only in breach-driven valuation shocks but also in latent exposure that affects risk premia and tail outcomes such as crash risk. The article discusses results through a mechanism-based lens linking governance and investment discipline, response reliability, disclosure credibility, and contracting spillovers to investment-relevant outcomes. Overall, cyber risk management is most performance-relevant when it lowers expected loss severity, strengthens credible assurance signals, and improves disclosure quality that reduces information asymmetry and ambiguity. Variation is explained by investor attention, industry digital intensity, inter-firm dependence, and proxy choice.
