Cybersecurity disclosure and digital maturity as strategic drivers of banking performance: Evidence from Europe

• Cybersecurity disclosure enhances bank profitability across Europe. • A dual CSD index captures disclosure presence and depth. • National digital maturity strengthens CSD performance effects. • Institutional digital readiness amplifies cyber governance value. • CSD operates as a strategic capability in digitally advanced economies. This study examines whether cybersecurity disclosure (CSD) is associated with bank profitability and whether national digital maturity conditions this relationship across European banking systems. Prior research largely focuses on valuation effects, providing limited evidence on the operational governance implications of cybersecurity transparency. Using 8890 bank-year observations from 889 banks across 21 European countries (2014–2023), and employing a panel-data framework with fixed effects and complementary robustness and endogeneity checks, the study develops a dual CSD measure capturing disclosure presence and disclosure depth. Results show that CSD is positively associated with profitability. Disclosure depth demonstrates stronger explanatory power than disclosure presence, suggesting the importance of substantive cybersecurity reporting. National digital maturity as a critical institutional boundary condition shapes the profitability association of CSD, particularly among large banks. Overall, the findings suggest that CSD operates primarily as an operational governance mechanism whose effectiveness depends on supportive digital-institutional environments within European banking systems.