此内容来自:意见

首先是网络攻击。然后是内幕交易。

研究人员分享他们在期权交易中的披露尖峰的罢工证据。

当公司获得黑客后,自己的员工和知情外人在泄露泄露之前使用该信息在泄露之前进行交易?

答案是肯定的,根据我们的说法latest research

The Equifax case — a breach that jeopardized the personal data of up to 143 million people but went unreported for more than a month after surfacing — is a good example of how things can go south quickly. The weeks-long disclosure gap provided abundant opportunity for those in the know to take advantage of the information, and insiders did.

Using firm-level historical options trading activity from OptionMetrics, we investigated informed trading activity in equity options prior to firms’ cybersecurity breach disclosures. We found pervasive directional options activity, consistent with strategies that yield abnormal returns to investors with private information.

这项研究遵循我们以前的工作,表明许多公司杠杆酌情酌情什么时候他们揭示违约。有些行业,如healthcare, have strict rules around disclosure, firms in less regulated industries often take advantage of variations in reporting requirements, sometimes not releasing information for an extraordinary length of time. However, a delay in disclosing the information is sometimes a result of the companies’ trying to get a handle on the situation so that when they do make an announcement, the impact may be less, as they can show what they have done about it.

重要的是,存在披露成本,延迟报告违规行为创造了知情的交易机会。选择披露违约的公司和管理可以面临罚款和昂贵的诉讼,可能冒险客户关系,减少对融资的获取,并增加保险费。相反,选择沉默意味着它们可能能够完全避免这些成本。如果信息最终出现,与诉讼总成本相比,他们增加的风险可能包括一些额外费用或罚款,这可能是微不足道的。

最后,除非公司自愿披露它是违规的来源,否则遗漏,否则可能难以追踪它发生的地方。这种不确定的可追溯性产生进一步的抑制措施来披露。例如,目标公司透露,2013年12月,数亿个个人信息遭到损害。但是,对于其他不披露的公司来说,可能很难将源追溯到它们,因为违规可能会一次影响多个组织。

在网络安全披露之前交易

要得出结论,我们从2005年到2018年审查了公共数据来源,分析了事件对公共公司的影响。我们考虑了公司的许多方面,包括历史,数据泄露特征和其他变量,以确定违规是否更有可能与更大或更小的公司发生,以及哪种行业。

我们利用期权测量数据来分析行为途径,包括看潜在的策略,知情投资者可能会用来最大限度地利用利润或最小化风险。

我们看特定的情况下,投资者可能try to avoid large losses associated with upcoming negative news about a cybersecurity incident at their firm, and we also looked at the behavior of investors who might be aware of a breach and want to maximize their profits. To ensure that the data was randomized, we controlled for earnings announcements and other timely news activity. We also compared these behaviors to how investors might otherwise react on a daily basis.

We found pervasive directional options trading activity consistent with strategies that yield abnormal returns to investors who possess pre-disclosure breach information, supporting our hypothesis that informed trading associated with data breach announcements does happen. We found two types of options trading activity: one commonly associated with less sophisticated investors using pre-breach disclosure information to gain profits or hedge losses and another often observed among more experienced investors using more sophisticated strategies involving puts and calls.

We observed bearish call and hedging put strategies increasing prior to the official breach announcements. These effects were most significant for out-of-the-money, at-the-money, and in-the-money put options, which typically have the highest liquidity. Additionally, we found a spike in investors buying insurance against a stock crashing right before that company told the world it had been hacked. An increase in deep out-of-the-money trades indicates that informed investors expect negative news in the future. We also saw that the options trading activity before a firm’s breach disclosure was related to the negative abnormal stock returns the firm experienced after the disclosure. Thus the pre-disclosure trading activity was consistent with informed investors profiting from or buying insurance against a stock crashing right before the company told the world it had been hacked.

更明智的交易也与违规公司中的较低质量遵守控制有关。

The Scrutiny Effect

An overall structural shift toward greater awareness about data breaches can be observed since October 2009. Since then, increased scrutiny of breaches and greater awareness of trading around them have resulted in a decrease in informed trading before official announcements.

虽然在早期的网络安全减少了关注的时候,我们观察时间随着时间的推移而变化,2009年10月的谷歌查询急剧上升,从此保持相对较高。我们归因于奥巴马总统促进他宣传许多演讲的认识以及促进国家网络安全宣传月份的意识提高,从2009年以来举办了每10月庆祝活动的主题。此外,在2009年10月之前发生了两大的大数据泄露 - 在Heartland Pumdation Systems,影响超过1300万个账户,并在国家档案馆和记录行政管理,影响数百万美国军事退伍军人 - 促使人们更加考虑安全。

Exploitation + Enforcement

我们是第一次使用期权交易数据的研究,以便在公开披露违约事件之前分析与违规相关的通报。

与股票市场缺乏卖空不同,这可能会引起很多关注,期权交易的原因往往难以识别和追踪,因此对于知情贸易商来说可能更少。人们可能更廉价地利用选项职位更贵。因此,期权市场可能是一个很好的地方,即会揭示违反违规的污染消息。

Findings on the level of internal controls for reporting breaches and how they impact the likelihood of informed trading activity are also revealing. Much like with using a camera in a store to discourage theft, it appears that if regulatory controls are high, they may reduce informed trading around breaches. Conversely, if reporting requirements are low, it may be easier for someone outside of the investigation team to obtain, and trade on, information on a breach.

我们希望这些见解将有助于证券交易委员会和其他监管实体,因为它们评估了数据违规信息处理和披露举措的需要,以减少官方违约公告前的非公开信息的交易可能性。

Our research findings confirm the importance of having a unified legal and regulatory framework in place — and the presence of profiteers who exploit its absence.


Andy Naranjo is the John B. Hall professor of finance and the chairman of the Eugene F. Brigham Finance, Insurance, and Real Estate Department at the Warrington College of Business at the University of Florida, where he has published extensively on a range of financial assets and markets.

Svetlana Petrovais an assistant professor of finance at the University of New Hampshire’s Peter T. Paul College of Business and Economics, where her research revolves around fintech, cybersecurity, empirical investments, and behavioral finance.

有关更多信息,请参阅“在披露之前进行交易:网络安全违规行为和知情贸易。”