Cybersecurity Governance in Australian Corporate Disclosures

Research Focus: This project analyzes how Australian ASX-listed companies discuss cybersecurity in their earnings calls and investor communications. We examine board involvement, regulatory references, and the specificity of cybersecurity disclosures over time.

Using large language models (LLMs) for text analysis, we extract and classify cybersecurity-related statements from transcripts spanning 2016 to 2024.

AI Transparency Notice

This research uses AI systems (GPT-4, Gemini) for text extraction and classification. In keeping with our research philosophy, we make the AI's work visible and accessible. See our methodology and validation results for full transparency on how the AI contributes to this analysis.

"The AI bots are doing all the science and research; the humans are responsible for the outputs. How do we make the work of the AI visible, transparent, and accessible so that we can take conscious responsibility?"

Dataset Overview

1,307

Transcripts Analyzed

1,128

Cybersecurity Sentences

Companies

Years (2016-2024)

Classification Labels

Board Involvement — References to board or senior management oversight of cybersecurity

Regulatory Reference — Mentions of cybersecurity regulations, compliance, or agencies

Specificity — Concrete details: threats, technologies, frameworks, or mitigation actions

Tag Distribution

Label	Count	% of Sentences	Description
Mentions Cyber	1,128	100%	All extracted sentences (base criterion)
Mentions Board	185	16.4%	Board/executive cybersecurity oversight
Regulatory Reference	59	5.2%	Compliance and regulatory mentions
Specificity	535	47.4%	Concrete cybersecurity details

Overall Trends

Overall cybersecurity mention trends across all companies from 2016-2024

Top Companies by Cybersecurity Mentions

Company	Total Sentences	Board	Regulatory	Specificity

View all companies →