EXPRESS: A Preemptive and Curative Solution to Mitigate Data Breaches: the Double-Layer of Protection from Corporate Social Responsibility

IF 5.1 1区管理学 Q1 BUSINESS

Journal of Marketing Research Pub Date : 2023-11-23 DOI:10.1177/00222437231218969

John JianJun Zhu, Ling Tuo, Yanfen You, Qiang Fei, Matthew Thomson

{"title":"EXPRESS: A Preemptive and Curative Solution to Mitigate Data Breaches: the Double-Layer of Protection from Corporate Social Responsibility","authors":"John JianJun Zhu, Ling Tuo, Yanfen You, Qiang Fei, Matthew Thomson","doi":"10.1177/00222437231218969","DOIUrl":null,"url":null,"abstract":"Data breaches have the potential to weaken employee morale, corporate reputations, and customer and supplier relationships, while also disrupting marketing investments and financial performance. Research on reducing their frequency and harm focuses on tactical solutions though breaches represent serious, even existential threats to firms. To date, research has not attempted to simultaneously address the closely connected phenomena of preventing and recovering from data breaches. The authors propose that corporate social responsibility (CSR) is a strategic variable offering dual protection: reducing the likelihood of data breaches and attenuating harm when breaches occur. Drawing on Stakeholder Theory, the authors distinguish between internal (addressing primary stakeholders) and external (addressing secondary stakeholders) CSR. Study 1 shows external CSR has no prophylactic effect while moderate and high levels of internal CSR are equally effective at preventing data breaches compared to low levels of internal CSR. Study 2 assesses mitigation following a data breach by examining (a) short-term effects (in the form of an event study on cumulative abnormal returns) and (b) long-term effects (with time series analysis of Tobin's Q). The results suggest internal CSR props up financial performance only at high levels while the positive effect of external CSR is short-lived.","PeriodicalId":48465,"journal":{"name":"Journal of Marketing Research","volume":"273 ","pages":""},"PeriodicalIF":5.1000,"publicationDate":"2023-11-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Marketing Research","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1177/00222437231218969","RegionNum":1,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"BUSINESS","Score":null,"Total":0}

引用次数: 0

Abstract

Data breaches have the potential to weaken employee morale, corporate reputations, and customer and supplier relationships, while also disrupting marketing investments and financial performance. Research on reducing their frequency and harm focuses on tactical solutions though breaches represent serious, even existential threats to firms. To date, research has not attempted to simultaneously address the closely connected phenomena of preventing and recovering from data breaches. The authors propose that corporate social responsibility (CSR) is a strategic variable offering dual protection: reducing the likelihood of data breaches and attenuating harm when breaches occur. Drawing on Stakeholder Theory, the authors distinguish between internal (addressing primary stakeholders) and external (addressing secondary stakeholders) CSR. Study 1 shows external CSR has no prophylactic effect while moderate and high levels of internal CSR are equally effective at preventing data breaches compared to low levels of internal CSR. Study 2 assesses mitigation following a data breach by examining (a) short-term effects (in the form of an event study on cumulative abnormal returns) and (b) long-term effects (with time series analysis of Tobin's Q). The results suggest internal CSR props up financial performance only at high levels while the positive effect of external CSR is short-lived.

查看原文本刊更多论文

快讯缓解数据泄露的预防性和治疗性解决方案：来自企业社会责任的双层保护

数据泄露有可能削弱员工士气、企业声誉、客户和供应商关系，同时还会扰乱营销投资和财务业绩。尽管数据泄露对企业构成了严重的威胁，甚至是生存威胁，但有关降低数据泄露频率和危害的研究主要集中在战术解决方案上。迄今为止，还没有研究试图同时解决数据泄露的预防和恢复这两个密切相关的问题。作者提出，企业社会责任（CSR）是一个战略变量，可提供双重保护：降低数据泄露的可能性，并在泄露发生时减轻伤害。作者借鉴利益相关者理论，将企业社会责任分为内部（针对主要利益相关者）和外部（针对次要利益相关者）两种。研究 1 表明，外部企业社会责任没有预防作用，而中等和高水平的内部企业社会责任与低水平的内部企业社会责任相比，在防止数据泄露方面同样有效。研究 2 通过考察（a）短期效应（以累积异常回报事件研究的形式）和（b）长期效应（托宾 Q 的时间序列分析）来评估数据泄露后的缓解措施。结果表明，内部企业社会责任只有在高水平时才能提升财务业绩，而外部企业社会责任的积极影响是短暂的。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Journal of Marketing Research BUSINESS-

CiteScore

10.30

自引率

6.60%

发文量

期刊介绍： JMR is written for those academics and practitioners of marketing research who need to be in the forefront of the profession and in possession of the industry"s cutting-edge information. JMR publishes articles representing the entire spectrum of research in marketing. The editorial content is peer-reviewed by an expert panel of leading academics. Articles address the concepts, methods, and applications of marketing research that present new techniques for solving marketing problems; contribute to marketing knowledge based on the use of experimental, descriptive, or analytical techniques; and review and comment on the developments and concepts in related fields that have a bearing on the research industry and its practices.