Abstract

Previous research has found that information security breaches can impact the market value of the firm because the reputation of the firm has suffered and the market assumes that revenues will decrease and expenses will increase. This impact to market value is usually measured within the 1-2 days after an information security breach disclosure where after things seemingly return to normal, in the context of stock market values. Despite the widely held belief that information security breaches have negative short-term and long-term impacts, researchers are just beginning to understand the relationship to short-term and long-term firm performance. This study investigates the short-term and long-term impacts of information security breaches on firm performance in the first four quarters following an information security breach disclosure. We take both a traditional view and organizational sustainability/resiliency view to hypothesis and theory development and introduce the analysis of two new variables “intangible assets” and “extraordinary losses” to the discussion on the impact of information security breaches to firm performance. We discuss our findings and their implications for practitioners and researchers and suggest next steps.

Previous research has found that information security breaches can impact the market value of the firm because the reputation of the firm has suffered and the market assumes that revenues will decrease and expenses will increase. This impact to market value is usually measured within the 1-2 days after an information security breach disclosure where after things seemingly return to normal, in the context of stock market values. Despite the widely held belief that information security breaches have negative short-term and long-term impacts, researchers are just beginning to understand the relationship to short-term and long-term firm performance. This study investigates the short-term and long-term impacts of information security breaches on firm performance in the first four quarters following an information security breach disclosure. We take both a traditional view and organizational sustainability/resiliency view to hypothesis and theory development and introduce the analysis of two new variables “intangible assets” and “extraordinary losses” to the discussion on the impact of information security breaches to firm performance. We discuss our findings and their implications for practitioners and researchers and suggest next steps.

Share

COinS