Paper Number
ICIS2025-2671
Paper Type
Short
Abstract
With the recent increase in cybersecurity incidents, it has become increasingly critical to understand how organizations can effectively respond to mitigate financial and reputational losses post-data breach events. This study investigates the impact of response timeliness, breach types, and response strategies on the stock market recovery of firms following data breach incidents. Drawing on Situational Crisis Communication Theory (SCCT) and a sequential event timeline framework, we construct a structured chronology of breach events: identification, containment, disclosure, and corporate response. We utilize the data breach records from US-based publicly traded companies and perform the content analysis of breach disclosure letters to classify firm response strategies. An event study methodology was implemented to calculate cumulative abnormal returns (CARs) across multiple event windows. This study extends Situational Crisis Communication Theory (SCCT) in the context of data breaches and provides empirical insights into how firms can improve market recovery after a data breach.
Recommended Citation
Majumder, Arindam and Kim, Dan J., "It’s All About Timing: An Empirical Investigation of a Sequential Timeline Model of Response and Market Reaction to Data Breaches" (2025). ICIS 2025 Proceedings. 20.
https://aisel.aisnet.org/icis2025/cyb_security/cyb_security/20
It’s All About Timing: An Empirical Investigation of a Sequential Timeline Model of Response and Market Reaction to Data Breaches
With the recent increase in cybersecurity incidents, it has become increasingly critical to understand how organizations can effectively respond to mitigate financial and reputational losses post-data breach events. This study investigates the impact of response timeliness, breach types, and response strategies on the stock market recovery of firms following data breach incidents. Drawing on Situational Crisis Communication Theory (SCCT) and a sequential event timeline framework, we construct a structured chronology of breach events: identification, containment, disclosure, and corporate response. We utilize the data breach records from US-based publicly traded companies and perform the content analysis of breach disclosure letters to classify firm response strategies. An event study methodology was implemented to calculate cumulative abnormal returns (CARs) across multiple event windows. This study extends Situational Crisis Communication Theory (SCCT) in the context of data breaches and provides empirical insights into how firms can improve market recovery after a data breach.
When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.
Comments
09-Cybersecurity