Paper Number
1345
Paper Type
Short
Abstract
While prior studies in Information Systems have recognized the important role of human factors in influencing cybersecurity risks, the focus has primarily been on a few high-ranking individuals within the organizations, such as Chief Information Officers. Our study diverges by adopting a comprehensive perspective, highlighting the important role played by employees across all hierarchical levels within the organization. Specifically, we investigate whether the turnover of employees engaged in IT-related tasks (i.e., IT employees) across all levels affects a firm’s cybersecurity risks. Using a deep learning technique, we identify all IT employees based on their job titles. Our empirical results show that there is a positive correlation between IT employee turnover and the likelihood of a firm experiencing data breaches. Further analysis reveals that recruiting new IT employees cannot mitigate the negative impact. Our study has both theoretical and practical implications for cybersecurity risk management.
Recommended Citation
Liang, Zhewen; Xu, Shan; Chen, Dylan Junluo; Li, Jin; and Liu, Ben, "From Departure to Breach: The Impact of IT Employee Turnover on Cybersecurity Risks" (2024). ICIS 2024 Proceedings. 9.
https://aisel.aisnet.org/icis2024/security/security/9
From Departure to Breach: The Impact of IT Employee Turnover on Cybersecurity Risks
While prior studies in Information Systems have recognized the important role of human factors in influencing cybersecurity risks, the focus has primarily been on a few high-ranking individuals within the organizations, such as Chief Information Officers. Our study diverges by adopting a comprehensive perspective, highlighting the important role played by employees across all hierarchical levels within the organization. Specifically, we investigate whether the turnover of employees engaged in IT-related tasks (i.e., IT employees) across all levels affects a firm’s cybersecurity risks. Using a deep learning technique, we identify all IT employees based on their job titles. Our empirical results show that there is a positive correlation between IT employee turnover and the likelihood of a firm experiencing data breaches. Further analysis reveals that recruiting new IT employees cannot mitigate the negative impact. Our study has both theoretical and practical implications for cybersecurity risk management.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
06-Security