Cyber Risk Disclosure Short
In plain terms
When a company adds substantially more cybersecurity, ransomware, or data-breach language in its annual risk-factors section, it may reflect a recent incident or rising security costs. This family shorts the stock for about 9 months after the filing. This is an in-house hypothesis, not an academic finding; the closest academic study (Florackis et al. 2023) finds high cyber-risk-exposure firms earn HIGHER returns as a risk premium.
How it works
Internally-motivated incident proxy: a sharp YoY spike in 10-K Item 1A cyber-keyword density is treated as evidence of (i) a realized incident that triggered the disclosure update and (ii) higher expected operating costs from security spend, so the firm is shorted after the filing. This is NOT the Florackis et al. (2023) construction, which prices the text-similarity LEVEL of cyber-risk exposure unconditionally and finds it carries a positive risk premium.
Live results
0 times picked on its own · 1 times inside a blend (1 beat the stock) · updated 2026-06-06Data dependencies
- Daily prices
Adjusted-close OHLCV for every US-listed ticker; primary price feed.
- SEC 10k sections
A data feed this strategy reads, refreshed on its normal schedule.
Expected edge
- Reported return
- -4 to -6% over 180d
- Tested over
- filing+45d to filing+225d
No academic magnitude claim. The previous "-4 to -6% over 180d" figure was misattributed to Florackis et al. 2023, whose actual finding is that high-exposure firms outperform by up to 8.3%/yr.
Related families
Spike in Item 1A risk-factor changes predicts ~2% underperformance over the next quarter.
Counts uncertainty/risk words ('may', 'could', 'challenging') in 10-K Item 1 (Business) YoY. A spike means management is privately more worried — bearish.
Explore Cyber Risk Disclosure Short on alphactor.ai
See which tickers this family is currently firing on, with live signals and rankings.