Paper Type
ERF
Abstract
Artificial Intelligence is crucial in organizational cybersecurity, especially in data security. While previous research emphasizes AI’s abilities in pattern recognition and threat mitigation, research has not examined how AI and various organizations’ security elements jointly shape cybersecurity incident management outcomes. Thus motivated, this study examines how AI succeeds or fails in cybersecurity incident management. Guided by the affordance theory, we investigate the joint relationship of AI, cybersecurity strategies, and organizational context with incident characteristics. We conceptualize and propose to empirically examine the research model comprising the use of AI, cyber insurance, regulatory compliance, industry sensitivity, company size, threat severity, and mean time to detection. We focus on three incident outcomes: data breaches, attack costs, and production disruptions.
Paper Number
2091
Recommended Citation
Kouyo, Guy Alain Sylvanus; Nishant, Rohit; and Khechine, Hager, "An Affordance Perspective on Artificial Intelligence’s Role in Data Protection" (2025). AMCIS 2025 Proceedings. 42.
https://aisel.aisnet.org/amcis2025/sig_sec/sig_sec/42
An Affordance Perspective on Artificial Intelligence’s Role in Data Protection
Artificial Intelligence is crucial in organizational cybersecurity, especially in data security. While previous research emphasizes AI’s abilities in pattern recognition and threat mitigation, research has not examined how AI and various organizations’ security elements jointly shape cybersecurity incident management outcomes. Thus motivated, this study examines how AI succeeds or fails in cybersecurity incident management. Guided by the affordance theory, we investigate the joint relationship of AI, cybersecurity strategies, and organizational context with incident characteristics. We conceptualize and propose to empirically examine the research model comprising the use of AI, cyber insurance, regulatory compliance, industry sensitivity, company size, threat severity, and mean time to detection. We focus on three incident outcomes: data breaches, attack costs, and production disruptions.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
SIGSEC