The impact of information security events on the stock value of firms: the effect of contingency factors created by Ali Alper Yayla & Qing Hu

By:

Yayla, Ali Alper [author]

Contributor(s):

Hu, Qing [co-author]

Material type: Text

TextSeries: Journal of Information Technology ; Volume 26, number 1London: Palgrave, 2013Content type:

text

Media type:

unmediated

Carrier type:

volume

ISSN:

02683962

Subject(s):

information security -- Security breaches -- Economics of IS

LOC classification:

T58.5 JOU

Online resources:

Click here to access online

Abstract: The stock market reactions to information technology (IT)-related events have often been used as proxies to the value or cost of these events in the information systems literature. In this paper, we study the stock market reactions to information-security-related events using the event analysis methodology with consideration of the effects of a number of contingency factors, including business type, industry, type of breach, event year, and length of event window. We found that pure e-commerce firms experienced higher negative market reactions than traditional bricks-and-mortar firms in the event of security breach. We also found that denial of service attacks had higher negative impact than other types of security breaches. Finally, security events occurred in recent years were found to have less significant impact than those occurred earlier, suggesting that investors may have become less sensitive to the security events. Most interestingly, our analyses showed that the magnitude and longevity of security breaches vary with time across sub-samples. This raises some serious questions regarding the validity of analyzing only short-term stock market reactions as an indicator of the cost of security breaches, and in general, an indicator of the value of IT-related events. The implications of these results are discussed and potential future research directions are proposed.

Reviews from LibraryThing.com:

Tags from this library: No tags from this library for this title. Log in to add tags.

Average rating: 0.0 (0 votes)

Holdings
Item type	Current library	Call number	Vol info	Copy number	Status	Notes	Date due	Barcode
Journal Article	Main Library - Special Collections	T58.5 JOU (Browse shelf(Opens below))	Vol. 26, no. 1 (pages 60-77)	SP11437	Not for loan	For in house use

Browsing Main Library shelves, Shelving location: - Special Collections Close shelf browser (Hides shelf browser)

Previous	No cover image available	No cover image available	No cover image available	No cover image available	No cover image available	No cover image available	No cover image available	Next
Previous	T58.5 JOU A dynamic model of offshore software development	T58.5 JOU Managing Diverse Stakeholders in Enterprise Systems Projects: A Control Portfolio Approach	T58.5 JOU IT alignment and the boundaries of the IT function	T58.5 JOU The impact of information security events on the stock value of firms: the effect of contingency factors	T58.5 JOU Limitations to building institutional trustworthiness through e-government: a comparative study of two e-services in Chile	T58.5 JOU Design theory for dynamic complexity in information infrastructures: the case of building internet	T58.5 JOU Improvisation during process-technology adoption: a longitudinal study of a software firm	Next

The stock market reactions to information technology (IT)-related events have often been used as proxies to the value or cost of these events in the information systems literature. In this paper, we study the stock market reactions to information-security-related events using the event analysis methodology with consideration of the effects of a number of contingency factors, including business type, industry, type of breach, event year, and length of event window. We found that pure e-commerce firms experienced higher negative market reactions than traditional bricks-and-mortar firms in the event of security breach. We also found that denial of service attacks had higher negative impact than other types of security breaches. Finally, security events occurred in recent years were found to have less significant impact than those occurred earlier, suggesting that investors may have become less sensitive to the security events. Most interestingly, our analyses showed that the magnitude and longevity of security breaches vary with time across sub-samples. This raises some serious questions regarding the validity of analyzing only short-term stock market reactions as an indicator of the cost of security breaches, and in general, an indicator of the value of IT-related events. The implications of these results are discussed and potential future research directions are proposed.

There are no comments on this title.

to post a comment.

here