Location
Hilton Hawaiian Village, Honolulu, Hawaii
Event Website
https://hicss.hawaii.edu/
Start Date
3-1-2024 12:00 AM
End Date
6-1-2024 12:00 AM
Description
Ransomware attacks have become an unrelenting frustration for organizations of all sizes, industries, and locations. Although past research has examined how ransomware attacks can be more effectively prevented, little attention has been paid to understanding how organizations communicate with stakeholders. In contrast to some cyber incidents that remain hidden for months, ransomware attacks render systems inoperable immediately, which often requires a unique stakeholder response strategy. Drawing on principles from stakeholder theory and crisis response strategies, we examine the organizational communications following 101 ransomware attacks. Our results indicate that stakeholder notifications tend to be either customer-focused or investor-focused, but are rarely both. We also find that most notifications contain at least a basic level of detail, but that about one in ten communications are insufficiently informative. This work extends the field’s understanding of cybersecurity incident notifications within the unique context of ransomware attacks and reveals practical insights for cybersecurity managers.
Recommended Citation
Cram, W. Alec; Chan, Albert; Yuan, Jonathan; and Joo, Dennis, "Conceal or Communicate? Organizational Notifications to Stakeholders Following Ransomware Attacks" (2024). Hawaii International Conference on System Sciences 2024 (HICSS-57). 2.
https://aisel.aisnet.org/hicss-57/in/cybercrime/2
Conceal or Communicate? Organizational Notifications to Stakeholders Following Ransomware Attacks
Hilton Hawaiian Village, Honolulu, Hawaii
Ransomware attacks have become an unrelenting frustration for organizations of all sizes, industries, and locations. Although past research has examined how ransomware attacks can be more effectively prevented, little attention has been paid to understanding how organizations communicate with stakeholders. In contrast to some cyber incidents that remain hidden for months, ransomware attacks render systems inoperable immediately, which often requires a unique stakeholder response strategy. Drawing on principles from stakeholder theory and crisis response strategies, we examine the organizational communications following 101 ransomware attacks. Our results indicate that stakeholder notifications tend to be either customer-focused or investor-focused, but are rarely both. We also find that most notifications contain at least a basic level of detail, but that about one in ten communications are insufficiently informative. This work extends the field’s understanding of cybersecurity incident notifications within the unique context of ransomware attacks and reveals practical insights for cybersecurity managers.
https://aisel.aisnet.org/hicss-57/in/cybercrime/2