数据隐私泄露造成的经济损失:实证分析

IF 2 4区管理学 Q3 COMPUTER SCIENCE, INFORMATION SYSTEMS

Journal of Organizational Computing and Electronic Commerce Pub Date : 2020-10-01 DOI:10.1080/10919392.2020.1818521

Manas Tripathi, Arunabha Mukhopadhyay

{"title":"数据隐私泄露造成的经济损失:实证分析","authors":"Manas Tripathi, Arunabha Mukhopadhyay","doi":"10.1080/10919392.2020.1818521","DOIUrl":null,"url":null,"abstract":"ABSTRACT Previous studies have explored the impact of the cybersecurity breach on the market value of the firm, but the impact of the data privacy breach on the firm performance is less explored. The terms cybersecurity breach and data privacy breach are sometimes used interchangeably, but they are two different things. In this study, we have used the event study methodology and standard market model (MM) to observe the effect of the data privacy breach on the firm performance. We have also observed the impact of firm-specific characteristics (such as firm size and firm type) and attack-specific characteristics (such as attack type and damage potency) on the cumulative abnormal return (CAR) due to privacy breaches. We have used data of 131 data privacy breaches related to US firms for the years 2012 (43 breaches), 2013 (37 breaches), and 2014 (51 breaches). We have selected the period 2012-2014 for study as we have observed the major data privacy breaches occurred during this period. The results of this study demonstrate that the data privacy breach announcement negatively affects the market value of the firm. Another interesting finding of this study is that the market values of larger firms are less adversely affected by the data privacy breach event than the smaller firms. We have also calculated the average financial loss, which comes out to be $ 229 million, $ 241 million, and $ 108 million in the year 2012, 2013, and 2014, respectively, due to these data privacy breaches.","PeriodicalId":54777,"journal":{"name":"Journal of Organizational Computing and Electronic Commerce","volume":"30 1","pages":"381 - 400"},"PeriodicalIF":2.0000,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"https://sci-hub-pdf.com/10.1080/10919392.2020.1818521","citationCount":"14","resultStr":"{\"title\":\"Financial Loss due to a Data Privacy Breach: An Empirical Analysis\",\"authors\":\"Manas Tripathi, Arunabha Mukhopadhyay\",\"doi\":\"10.1080/10919392.2020.1818521\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"ABSTRACT Previous studies have explored the impact of the cybersecurity breach on the market value of the firm, but the impact of the data privacy breach on the firm performance is less explored. The terms cybersecurity breach and data privacy breach are sometimes used interchangeably, but they are two different things. In this study, we have used the event study methodology and standard market model (MM) to observe the effect of the data privacy breach on the firm performance. We have also observed the impact of firm-specific characteristics (such as firm size and firm type) and attack-specific characteristics (such as attack type and damage potency) on the cumulative abnormal return (CAR) due to privacy breaches. We have used data of 131 data privacy breaches related to US firms for the years 2012 (43 breaches), 2013 (37 breaches), and 2014 (51 breaches). We have selected the period 2012-2014 for study as we have observed the major data privacy breaches occurred during this period. The results of this study demonstrate that the data privacy breach announcement negatively affects the market value of the firm. Another interesting finding of this study is that the market values of larger firms are less adversely affected by the data privacy breach event than the smaller firms. We have also calculated the average financial loss, which comes out to be $ 229 million, $ 241 million, and $ 108 million in the year 2012, 2013, and 2014, respectively, due to these data privacy breaches.\",\"PeriodicalId\":54777,\"journal\":{\"name\":\"Journal of Organizational Computing and Electronic Commerce\",\"volume\":\"30 1\",\"pages\":\"381 - 400\"},\"PeriodicalIF\":2.0000,\"publicationDate\":\"2020-10-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"https://sci-hub-pdf.com/10.1080/10919392.2020.1818521\",\"citationCount\":\"14\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Organizational Computing and Electronic Commerce\",\"FirstCategoryId\":\"94\",\"ListUrlMain\":\"https://doi.org/10.1080/10919392.2020.1818521\",\"RegionNum\":4,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q3\",\"JCRName\":\"COMPUTER SCIENCE, INFORMATION SYSTEMS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Organizational Computing and Electronic Commerce","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1080/10919392.2020.1818521","RegionNum":4,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q3","JCRName":"COMPUTER SCIENCE, INFORMATION SYSTEMS","Score":null,"Total":0}

引用次数: 14

摘要

以往的研究已经探讨了网络安全泄露对企业市场价值的影响，但对数据隐私泄露对企业绩效的影响的探讨较少。网络安全漏洞和数据隐私漏洞这两个术语有时可以互换使用，但它们是两个不同的东西。在本研究中，我们采用事件研究方法和标准市场模型(MM)来观察数据隐私泄露对企业绩效的影响。我们还观察到企业特定特征(如企业规模和企业类型)和攻击特定特征(如攻击类型和损害效力)对隐私泄露导致的累积异常回报(CAR)的影响。我们使用了2012年(43起)、2013年(37起)和2014年(51起)与美国公司有关的131起数据隐私泄露事件的数据。我们选择2012-2014年进行研究，因为我们观察到在此期间发生了重大的数据隐私泄露事件。研究结果表明，数据隐私泄露公告对企业的市场价值有负向影响。本研究的另一个有趣发现是，大公司的市场价值受到数据隐私泄露事件的不利影响要小于小公司。我们还计算了由于这些数据隐私泄露，2012年、2013年和2014年的平均经济损失分别为2.29亿美元、2.41亿美元和1.08亿美元。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Financial Loss due to a Data Privacy Breach: An Empirical Analysis

ABSTRACT Previous studies have explored the impact of the cybersecurity breach on the market value of the firm, but the impact of the data privacy breach on the firm performance is less explored. The terms cybersecurity breach and data privacy breach are sometimes used interchangeably, but they are two different things. In this study, we have used the event study methodology and standard market model (MM) to observe the effect of the data privacy breach on the firm performance. We have also observed the impact of firm-specific characteristics (such as firm size and firm type) and attack-specific characteristics (such as attack type and damage potency) on the cumulative abnormal return (CAR) due to privacy breaches. We have used data of 131 data privacy breaches related to US firms for the years 2012 (43 breaches), 2013 (37 breaches), and 2014 (51 breaches). We have selected the period 2012-2014 for study as we have observed the major data privacy breaches occurred during this period. The results of this study demonstrate that the data privacy breach announcement negatively affects the market value of the firm. Another interesting finding of this study is that the market values of larger firms are less adversely affected by the data privacy breach event than the smaller firms. We have also calculated the average financial loss, which comes out to be $ 229 million, $ 241 million, and $ 108 million in the year 2012, 2013, and 2014, respectively, due to these data privacy breaches.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Journal of Organizational Computing and Electronic Commerce 工程技术-计算机：跨学科应用

CiteScore

5.80

自引率

17.20%

发文量

审稿时长

>12 weeks

期刊介绍： The aim of the Journal of Organizational Computing and Electronic Commerce (JOCEC) is to publish quality, fresh, and innovative work that will make a difference for future research and practice rather than focusing on well-established research areas. JOCEC publishes original research that explores the relationships between computer/communication technology and the design, operations, and performance of organizations. This includes implications of the technologies for organizational structure and dynamics, technological advances to keep pace with changes of organizations and their environments, emerging technological possibilities for improving organizational performance, and the many facets of electronic business. Theoretical, experimental, survey, and design science research are all welcome and might look at: • E-commerce • Collaborative commerce • Interorganizational systems • Enterprise systems • Supply chain technologies • Computer-supported cooperative work • Computer-aided coordination • Economics of organizational computing • Technologies for organizational learning • Behavioral aspects of organizational computing.