Paper Type

Short

Paper Number

1569

Description

In the aftermath of data breaches, firms usually employ crisis management tactics to mitigate the negative impact. However, previous studies examined the net effect of these tactics independently, whereas ignored that the effects of tactics interact with each other. Therefore, this study introduces the behavioral integrity (BI) framework to explain and investigate how post-breach communication tactics and security investment jointly affect shareholder reactions. We conduct fsQCA analysis and reveal that the alignment of crisis communication tactics and security investment could lead to a positive market reaction, whereas the misalignment could lead to a negative market reaction. Moreover, the effect of crisis communication tactics and security investment alignment also depends on the types of breaches. It is expected that this study can contribute to post-breach recovery by adopting a configuration method and providing empirical evidence for behavioral integrity literature.

Comments

Security

Share

COinS
 
Jul 2nd, 12:00 AM

Is Paying a High Price Always Beneficial? A configurational investigation of crisis communication and IT security investment following data breaches

In the aftermath of data breaches, firms usually employ crisis management tactics to mitigate the negative impact. However, previous studies examined the net effect of these tactics independently, whereas ignored that the effects of tactics interact with each other. Therefore, this study introduces the behavioral integrity (BI) framework to explain and investigate how post-breach communication tactics and security investment jointly affect shareholder reactions. We conduct fsQCA analysis and reveal that the alignment of crisis communication tactics and security investment could lead to a positive market reaction, whereas the misalignment could lead to a negative market reaction. Moreover, the effect of crisis communication tactics and security investment alignment also depends on the types of breaches. It is expected that this study can contribute to post-breach recovery by adopting a configuration method and providing empirical evidence for behavioral integrity literature.

When commenting on articles, please be friendly, welcoming, respectful and abide by the AIS eLibrary Discussion Thread Code of Conduct posted here.