Paper ID
2459
Paper Type
full
Description
Strategic transactions can affect a firm’s structural complexity and data breach risk. Mergers and acquisitions increase data breach risk by increasing firm’s structural complexity through the addition of new businesses and new IT interlinkages among the firm’s existing and newly added businesses. Divestitures reduce firm’s data breach risk by reducing the firm’s structural complexity through the removal of some business units and associated IT interlinkages. Business partnerships increase firm’s structural complexity and data breach risk by opening up the firm’s IT environment to third party business partners and creating challenges in joint governance and control of the IT interface and interaction points of the partners. We find support for these ideas in a sample of 9784 U.S. firms during 2005-2017. The proposed theory explains how and why strategic initiatives increase firms’ data breach risks.
Recommended Citation
Tanriverdi, Hüseyin; Roumani, Yaman; and Nwankpa, Joseph, "Structural Complexity and Data Breach Risk" (2019). ICIS 2019 Proceedings. 36.
https://aisel.aisnet.org/icis2019/cyber_security_privacy_ethics_IS/cyber_security_privacy/36
Structural Complexity and Data Breach Risk
Strategic transactions can affect a firm’s structural complexity and data breach risk. Mergers and acquisitions increase data breach risk by increasing firm’s structural complexity through the addition of new businesses and new IT interlinkages among the firm’s existing and newly added businesses. Divestitures reduce firm’s data breach risk by reducing the firm’s structural complexity through the removal of some business units and associated IT interlinkages. Business partnerships increase firm’s structural complexity and data breach risk by opening up the firm’s IT environment to third party business partners and creating challenges in joint governance and control of the IT interface and interaction points of the partners. We find support for these ideas in a sample of 9784 U.S. firms during 2005-2017. The proposed theory explains how and why strategic initiatives increase firms’ data breach risks.