Despite the growing literature on cybersecurity investment, significant gaps remain unaddressed. First, the existing literature does not differentiate between cybersecurity expenditures, namely investment versus spending, despite the differences in their financial treatments. Second, the literature predominantly employs economic and risk-based models, in which the incorporation of financial parameters is limited. Third, the literature focuses on quantifying market (stock) loss of cyberattacks or conducting a cost-benefit analysis of cybersecurity investments but has yet to bridge these two areas. Thus, our objective is to introduce a new financial model, the Alpha Model, that addresses these gaps. We first provide distinctions between cybersecurity investment (capital expenditure) and spending (operational expenditure). Grounded in Relative Valuation Models and Optimal Capital Structure Theory, we quantify the upper-bound of optimal cybersecurity investment by utilizing book and market values of equity and debt. We also demonstrate that the Net Present Values (NPV) of cybersecurity investment is considerably lower than its book value by incorporating financial parameters of equity and debt financing, inflation-adjusted capital cost, and tax credits of depreciation and interest. To validate our model, we empirically test it by using data from the S&P500 index during 2018–2023. We offer practical implications to key stakeholders, including: (1) industry executives to financially quantify cybersecurity investments and ascertain their actual NPVs, individually and collaboratively with supply chain partners; (2) cybersecurity solution providers to promote business investments in cybersecurity; and (3) insurance providers to price premiums with higher NPVs than the corresponding investments. We also offer several avenues for further research.