New article
Recently updated
Understanding the Cybersecurity database
Who is this article for?
Users who want to learn about the Cybersecurity database.
No elevated permissions are required.
The Cybersecurity database from Audit Analytics tracks disclosures and impacts of data breaches affecting public companies, including both domestic and foreign SEC registrants.
1. Overview
- Monitors cybersecurity incidents reported by public companies
- Captures breach details as disclosed through regulatory filings
2. Common uses
- Identify companies that have reported a data breach
- Compare disclosure practices across companies
- Benchmark how quickly breaches are disclosed
- Review breach impacts such as number of records lost, type of data accessed, and associated costs
Note: The Cybersecurity database is available online and via data feeds (Feed85) with a valid subscription.
- Saved Search Alerts: Yes
- Daily Summary Emails: No
3. Data collection
- Public companies are required to disclose material cybersecurity breaches in a timely manner
- Once a breach is identified, relevant SEC filings are added as they become available
- Includes Form types: 10-K, 10-Q, 20-F, 8-K, and 6-K
- Prior to November 2023, data was also collected from state websites and press sources
4. Search filters
The Cybersecurity search page includes the following filters:
| Name | Description | Data Dictionary Field(s) | Sortable |
|---|---|---|---|
| Filter by Auditor | Search for a specific auditor or group | Current Auditor | No |
| Search by Ticker or CIK Code | Filter results to a specific company | CIK Code, Ticker | No |
| Search Release Text | Filter by specific release language | N/A | No |
| Market Index | Filter by market index | N/A | No |
| Breach Stage | Filter by breach phase: Investigation, Containment, or Remediation | Breach Stage | No |
| Materiality | Filter by whether the breach was deemed material | Materiality | No |
| Type of Attack | Filter by method used to infiltrate systems | Type of Attack | No |
| Type of Information | Filter by general category of data accessed | Type of Information | No |
| Disruption | Filter by operational impact of the breach | Disruption | No |
| Information Accessed | Filter by specific types of data accessed | Information Accessed | No |
| Market Cap | Filter by company market capitalization | Market Cap ($) | Yes |
| Revenues | Filter by company revenue range | Revenue ($) | Yes |
| Cost | Filter by breach-related costs | Cost ($) | Yes |
| Search Industries | Filter by company industry | SIC Code, NAICS Code | No |
| Company Location | Filter by business address | State Name, Region, County | Yes |
| Disclosed to SEC | Filter by whether the breach was disclosed to the SEC | Source Type | No |
| Disclosure Date | Filter by date breach became public | Date of Breach Disclosure | Yes |
| Number of Records Lost | Filter by number of records stolen | Number of Records Lost | Yes |
| Number of Impacted Users | Filter by number of affected users | Number of Impacted Users | Yes |
5. Viewing results
- Search results are displayed at the bottom of the page
- Available downloads and links include:
- Cybersecurity Data Dictionary
- CSV downloads of search results
- All fields in the CSV are defined in the Data Dictionary
- Company profile overviews