Firms Data Breach and Ransomware Exposure and Recovery Through the Analysis of Post Factum Remedial Actions

The purpose of this study is to better understand the most effective remedial actions taken by an organization after an adverse cyber event (ACE). This is accomplished through the analysis of firm post event actions. A framework is constructed utilizing concepts deployed in Business Impact Analysis (BIA) within a cybersecurity and operational technology context. The concepts from BIA are integrated with stock price performance as a proxy of the value of a firm both pre and post-ACE. The comparative analysis of firm stock price and recuperative activities are considered in order to understand the most impactful remedial actions (RA) to the firm's perceived value relevant to the activities. The result can be utilized to find effective post remedial actions and the estimated time for recovery of a company’s stock price to non-negative excess returns prior to an ACE. This research will contribute to developing academic and practical knowledge within the areas of cybersecurity, impact mitigation, and firm performance.