-
Journal menu
- General information
- Editorial Board and External Reviewers
- Journal Policies
- Publication Ethics and Malpractice Statement
- Instructions for authors
- Paper reviewing
- Article processing charge
- Feedback from stakeholders
- Journal’s Open Access statement
- Order hard copies of the journal
- Statement on the Use of Generative AI
Cybersecurity disclosure, board oversight, and financial performance: Evidence from European banking
Download This Article
Marwan Mansour 
, Bilal Nayef Zureigat , Abdulaziz Alkhlifhalsaeed, Ahmed Alkhatib
This work is licensed under a Creative Commons Attribution 4.0 International License.
Abstract
This study investigates whether voluntary cybersecurity disclosure (CSD) operates as a value-relevant governance mechanism in European banking. Drawing on stakeholder, agency, and signaling theories, we argue that credible cyber transparency reduces information asymmetry, strengthens legitimacy, and signals operational resilience to investors and regulators (Berkman et al., 2018; Alsadoun & Albaz, 2025). Using an unbalanced panel of 5,742 bank-year observations from 638 banks across 25 European countries (2014–2022), we construct a binary CSD indicator based on manual content analysis of annual reports and estimate pooled ordinary least squares (OLS), fixed-effects (FE), and two-step system generalized method of moments (GMM) models. The results show that CSD is positively associated with both accounting performance (return on equity, ROE) and market valuation (Tobin’s Q). These effects are stronger in banks with higher leverage and stronger board oversight, including greater audit committee expertise, board gender diversity, independence, and board skills. Our findings suggest that CSD is not merely a compliance exercise but a board-level governance tool that enhances financial outcomes and supports emerging regulatory initiatives such as the Digital Operational Resilience Act (DORA). The study offers policy-relevant insights for regulators, investors, and bank executives seeking to align digital resilience with sustainable financial performance.
Keywords: Cybersecurity Disclosure, Corporate Governance, Board Oversight, Corporate Reporting, Bank Performance, Europe
Authors’ individual contributions: Conceptualization — M.M.; Methodology — M.M.; Software — M.M. and B.N.Z.; Validation — B.N.Z.; Formal Analysis — M.M. and B.N.Z.; Investigation — Ab.A.; Resources — Ab.A.; Data Curation — B.N.Z.; Writing — Original Draft — M.M.; Writing — Review & Editing — B.N.Z., Ab.A., and Ah.A.; Visualization — M.M. and B.N.Z.; Supervision — M.M.; Project Administration — Ah.A.; Funding Acquisition — Ah.A.
Declaration of conflicting interests: The Authors declare that there is no conflict of interest.
JEL Classification: G21, G32, G34, K22, M41
Received: 19.09.2025
Revised: 09.12.2025; 24.12.2025
Accepted: 29.12.2025
Published online: 30.12.2025
How to cite this paper: Mansour, M., Zureigat, B. N., Alkhlifhalsaeed, A., & Alkhatib, A. (2026). Cybersecurity disclosure, board oversight, and financial performance: Evidence from European banking. Corporate Board: Role, Duties and Composition, 22(1), 8–22. https://doi.org/10.22495/cbv22i1art1
