It's not my fault: The transfer of information security breach information

Tawei Wang; Yen Yao Wang; Ju Chun Yen

doi:10.4018/978-1-7998-7705-9.ch085

It's not my fault: The transfer of information security breach information

Tawei Wang, Yen Yao Wang, Ju Chun Yen

Graduate Institute of Accounting

Research output: Chapter in Book/Report/Conference proceeding › Chapter › peer-review

1 Scopus citations

Abstract

This article investigates the transfer of information security breach information between breached firms and their peers. Using a large data set of information security incidents from 2003 to 2013, the results suggest that 1) the effect of information security breach information transfer exists between breached firms and non-breached firms that offer similar products and 2) the effect of information transfer is weaker when the information security breach is due to internal faults or is related to the loss of personally identifiable information. Additional tests demonstrate that the effect of information transfer exhibits consistent patterns across time and with different types of information security breaches. Finally, the effect does not depend on whether the firms are IT intensive. Implications, limitations, and future research are discussed.

Original language	English
Title of host publication	Research Anthology on Artificial Intelligence Applications in Security
Publisher	IGI Global
Pages	1916-1937
Number of pages	22
Volume	4-4
ISBN (Electronic)	9781799877486
ISBN (Print)	9781799877059
DOIs	https://doi.org/10.4018/978-1-7998-7705-9.ch085
State	Published - 27 Nov 2020

Access to Document

10.4018/978-1-7998-7705-9.ch085

Cite this

@inbook{5b95a6638687407bb2d4ec648c2dd829,

title = "It's not my fault: The transfer of information security breach information",

abstract = "This article investigates the transfer of information security breach information between breached firms and their peers. Using a large data set of information security incidents from 2003 to 2013, the results suggest that 1) the effect of information security breach information transfer exists between breached firms and non-breached firms that offer similar products and 2) the effect of information transfer is weaker when the information security breach is due to internal faults or is related to the loss of personally identifiable information. Additional tests demonstrate that the effect of information transfer exhibits consistent patterns across time and with different types of information security breaches. Finally, the effect does not depend on whether the firms are IT intensive. Implications, limitations, and future research are discussed.",

author = "Tawei Wang and Wang, {Yen Yao} and Yen, {Ju Chun}",

note = "Publisher Copyright: {\textcopyright} 2022, IGI Global.",

year = "2020",

month = nov,

day = "27",

doi = "10.4018/978-1-7998-7705-9.ch085",

language = "???core.languages.en_GB???",

isbn = "9781799877059",

volume = "4-4",

pages = "1916--1937",

booktitle = "Research Anthology on Artificial Intelligence Applications in Security",

publisher = "IGI Global",

}

TY - CHAP

T1 - It's not my fault

T2 - The transfer of information security breach information

AU - Wang, Tawei

AU - Wang, Yen Yao

AU - Yen, Ju Chun

PY - 2020/11/27

Y1 - 2020/11/27

N2 - This article investigates the transfer of information security breach information between breached firms and their peers. Using a large data set of information security incidents from 2003 to 2013, the results suggest that 1) the effect of information security breach information transfer exists between breached firms and non-breached firms that offer similar products and 2) the effect of information transfer is weaker when the information security breach is due to internal faults or is related to the loss of personally identifiable information. Additional tests demonstrate that the effect of information transfer exhibits consistent patterns across time and with different types of information security breaches. Finally, the effect does not depend on whether the firms are IT intensive. Implications, limitations, and future research are discussed.

AB - This article investigates the transfer of information security breach information between breached firms and their peers. Using a large data set of information security incidents from 2003 to 2013, the results suggest that 1) the effect of information security breach information transfer exists between breached firms and non-breached firms that offer similar products and 2) the effect of information transfer is weaker when the information security breach is due to internal faults or is related to the loss of personally identifiable information. Additional tests demonstrate that the effect of information transfer exhibits consistent patterns across time and with different types of information security breaches. Finally, the effect does not depend on whether the firms are IT intensive. Implications, limitations, and future research are discussed.

UR - http://www.scopus.com/inward/record.url?scp=85163978037&partnerID=8YFLogxK

U2 - 10.4018/978-1-7998-7705-9.ch085

DO - 10.4018/978-1-7998-7705-9.ch085

M3 - 篇章

AN - SCOPUS:85163978037

SN - 9781799877059

VL - 4-4

SP - 1916

EP - 1937

BT - Research Anthology on Artificial Intelligence Applications in Security

PB - IGI Global

ER -

It's not my fault: The transfer of information security breach information

Abstract

Access to Document

Fingerprint

Cite this