Abstract
While unfortunate physical events result in a negative market reaction, cyber events rarely do. It is our contention that a security attack is a complex intervention that ripples through the attacked company’s ecosystem. Over time, new information about the incident is revealed which might change the trajectory of the effect. This study aims to understand the impact of a security breach on the attacked company, its ecosystem (e.g., consumers, vendors, banks, and hackers), and surrounding society. By utilizing a stakeholder analysis as a methodological framework, we found that, while some stakeholders are losers, other are winners. Our analysis also implies that, depending on subsequent events, the effect of a security breach on the attacked firm varies over time, suggesting a “wait and see” attitude by the market.
DOI
10.17705/1CAIS.03450
Recommended Citation
Hovav, A., & Gray, P. (2014). The Ripple Effect of an Information Security Breach Event: A Stakeholder Analysis. Communications of the Association for Information Systems, 34, pp-pp. https://doi.org/10.17705/1CAIS.03450
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
