This research examines how organizational cybersecurity responses become isomorphic over time. Drawing on institutional theory, this study theorizes that mimetic pressures, normative pressures, and coercive pressures impact cybersecurity responses. Using the textual data gathered from the annual 10-K reports published by 87 large organizations and their competitors, topic modeling was employed to assess the cybersecurity responses and institutional pressures. Linear regression was applied to the resultant topic weights. Findings show that mimetic pressures were significant over time while coercive pressures were significant in the near-term and normative pressures were significant in the long-term. Implications for research and practice are discussed.