IDEAS home Printed from https://ideas.repec.org/a/eee/teinso/v74y2023ics0160791x23001148.html
   My bibliography  Save this article

Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives

Author

Listed:
  • Agbodoh-Falschau, Kouassi Raymond
  • Ravaonorohanta, Bako Harinivo

Abstract

Government agencies and standard setters require organizations operating in critical infrastructure sectors to disclose cybersecurity incidents, yet little is known about whether organizations report these incidents to law enforcement. This study examines this issue based on data from the 2017–2021 periods of the Canadian Survey of Cybersecurity and Cybercrime administered to Canadian organizations. We assessed the effects of governance determinants along with cyber incidents and their impacts using partial least squares equation modelling to identify the relationships between these factors and cybersecurity incidents reported to police services. To conceptualize these relationships, we developed a framework based on resource-dependence theory, protection motivation theory, and previous empirical evidence. The overall governance determinants as well as the impacts of the incidents explained 51% of the intention to report cybersecurity incidents to police, and the intensity of the impacts explained 30% of these intentions to signal incidents to law enforcement. The results also revealed that the intensity of cyber incident impacts dictates the attitudes of organizations towards reporting digital attacks. This study makes a significant theoretical contribution to the information security literature and has practical implications for standard setters and government agencies that aim to combat cybersecurity incidents.

Suggested Citation

  • Agbodoh-Falschau, Kouassi Raymond & Ravaonorohanta, Bako Harinivo, 2023. "Investigating the influence of governance determinants on reporting cybersecurity incidents to police: Evidence from Canadian organizations’ perspectives," Technology in Society, Elsevier, vol. 74(C).
    • Handle: RePEc:eee:teinso:v:74:y:2023:i:c:s0160791x23001148
    DOI: 10.1016/j.techsoc.2023.102309
    as

    Download full text from publisher

    File URL: http://www.sciencedirect.com/science/article/pii/S0160791X23001148
    Download Restriction: Full text for ScienceDirect subscribers only
    File URL: https://libkey.io/10.1016/j.techsoc.2023.102309?utm_source=ideas
    LibKey link: if access is restricted and if your library uses this service, LibKey will redirect you to where you can use your library subscription to access this item
    ---><---

    As the access to this document is restricted, you may want to

    for a different version of it.

    References listed on IDEAS

    as
    1. Sylvie Héroux & Anne Fortin, 2020. "Cybersecurity Disclosure by the Companies on the S&P/TSX 60 Index," Accounting Perspectives, John Wiley & Sons, vol. 19(2), pages 73-100, June.
    2. Galaz, Victor & Centeno, Miguel A. & Callahan, Peter W. & Causevic, Amar & Patterson, Thayer & Brass, Irina & Baum, Seth & Farber, Darryl & Fischer, Joern & Garcia, David & McPhearson, Timon & Jimenez, 2021. "Artificial intelligence, systemic risks, and sustainability," Technology in Society, Elsevier, vol. 67(C).
    3. repec:eme:maj000:maj-09-2018-2004 is not listed on IDEAS
    4. Tadeusz Sawik, 2022. "A linear model for optimal cybersecurity investment in Industry 4.0 supply chains," International Journal of Production Research, Taylor & Francis Journals, vol. 60(4), pages 1368-1385, February.
    5. Rajan, Rishabh & Rana, Nripendra P. & Parameswar, Nakul & Dhir, Sanjay & Sushil, & Dwivedi, Yogesh K., 2021. "Developing a modified total interpretive structural model (M-TISM) for organizational strategic cybersecurity management," Technological Forecasting and Social Change, Elsevier, vol. 170(C).
    6. Frank Cremer & Barry Sheehan & Michael Fortmann & Arash N. Kia & Martin Mullins & Finbarr Murphy & Stefan Materne, 2022. "Cyber risk and cybersecurity: a systematic review of data availability," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 47(3), pages 698-736, July.
    7. Blakely, Benjamin & Kurtenbach, Jim & Nowak, Lovila, 2022. "Exploring the information content of cyber breach reports and the relationship to internal controls," International Journal of Accounting Information Systems, Elsevier, vol. 46(C).
    8. Camélia Radu & Nadia Smaili, 2022. "Board Gender Diversity and Corporate Response to Cyber Risk: Evidence from Cybersecurity Related Disclosure," Journal of Business Ethics, Springer, vol. 177(2), pages 351-374, May.
    9. Eling, Martin & Wirfs, Jan, 2019. "What are the actual costs of cyber risk events?," European Journal of Operational Research, Elsevier, vol. 272(3), pages 1109-1119.
    10. Iyer, Subramanian R. & Simkins, Betty J. & Wang, Heng, 2020. "Cyberattacks and impact on bond valuation," Finance Research Letters, Elsevier, vol. 33(C).
    11. Cheryl, Barr-Kumarakulasinghe & Ng, Boon-Kwee & Wong, Chan-Yuan, 2021. "Governing the progress of internet-of-things: Ambivalence in the quest of technology exploitation and user rights protection," Technology in Society, Elsevier, vol. 64(C).
    12. Athira M. Mohan & Nader Meskin & Hasan Mehrjerdi, 2020. "A Comprehensive Review of the Cyber-Attacks and Cyber-Security on Load Frequency Control of Power Systems," Energies, MDPI, vol. 13(15), pages 1-33, July.
    13. Lee, In, 2021. "Cybersecurity: Risk management framework and investment cost analysis," Business Horizons, Elsevier, vol. 64(5), pages 659-671.
    14. Elina Haapamäki & Jukka Sihvonen, 2019. "Cybersecurity in accounting research," Managerial Auditing Journal, Emerald Group Publishing Limited, vol. 34(7), pages 808-834, July.
    15. Viberg Johansson, Jennifer & Shah, Nisha & Haraldsdóttir, Eik & Bentzen, Heidi Beate & Coy, Sarah & Kaye, Jane & Mascalzoni, Deborah & Veldwijk, Jorien, 2021. "Governance mechanisms for sharing of health data: An approach towards selecting attributes for complex discrete choice experiment studies," Technology in Society, Elsevier, vol. 66(C).
    16. Slapničar, Sergeja & Vuko, Tina & Čular, Marko & Drašček, Matej, 2022. "Effectiveness of cybersecurity audit," International Journal of Accounting Information Systems, Elsevier, vol. 44(C).
    17. Kamiya, Shinichi & Kang, Jun-Koo & Kim, Jungmin & Milidonis, Andreas & Stulz, René M., 2021. "Risk management, firm reputation, and the impact of successful cyberattacks on target firms," Journal of Financial Economics, Elsevier, vol. 139(3), pages 719-749.
    18. Oliveira, Fabio & Kakabadse, Nada & Khan, Nadeem, 2022. "Board engagement with digital technologies: A resource dependence framework," Journal of Business Research, Elsevier, vol. 139(C), pages 804-818.
    19. Smith, Thomas & Tadesse, Amanuel F. & Vincent, Nishani Edirisinghe, 2021. "The impact of CIO characteristics on data breaches," International Journal of Accounting Information Systems, Elsevier, vol. 43(C).
    20. Li, Ling & He, Wu & Xu, Li & Ash, Ivan & Anwar, Mohd & Yuan, Xiaohong, 2019. "Investigating the impact of cybersecurity policy awareness on employees’ cybersecurity behavior," International Journal of Information Management, Elsevier, vol. 45(C), pages 13-24.
    21. Camélia Radu & Nadia Smaili, 2022. "Correction to: Board Gender Diversity and Corporate Response to Cyber Risk: Evidence from Cybersecurity Related Disclosure," Journal of Business Ethics, Springer, vol. 177(2), pages 375-375, May.
    22. Masoud, Najeb & Al-Utaibi, Ghassan, 2022. "The determinants of cybersecurity risk disclosure in firms’ financial reporting: Empirical evidence," Research in Economics, Elsevier, vol. 76(2), pages 131-140.
    23. Li, He & No, Won Gyun & Wang, Tawei, 2018. "SEC's cybersecurity disclosure guidance and disclosed cybersecurity risk factors," International Journal of Accounting Information Systems, Elsevier, vol. 30(C), pages 40-55.
    24. Ortwin Renn, 2021. "New challenges for risk analysis: systemic risks," Journal of Risk Research, Taylor & Francis Journals, vol. 24(1), pages 127-133, January.
    Full references (including those not matched with items on IDEAS)

    Citations

    Citations are extracted by the CitEc Project, subscribe to its RSS feed for this item.
    as


    Cited by:

    1. Umar, Muhammad, 2025. "The impact of cyber-attacks on different dimensions of cryptocurrency markets," Technology in Society, Elsevier, vol. 81(C).
    2. Arroyabe, Marta F. & Arranz, Carlos F.A. & Fernandez De Arroyabe, Ignacio & Fernandez de Arroyabe, Juan Carlos, 2024. "Exploring the economic role of cybersecurity in SMEs: A case study of the UK," Technology in Society, Elsevier, vol. 78(C).
    3. Rehman, Anis ur & Behera, Rajat Kumar & Islam, Md. Saiful & Abbasi, Faraz Ahmad & Imtiaz, Asma, 2024. "Assessing the usage of ChatGPT on life satisfaction among higher education students: The moderating role of subjective health," Technology in Society, Elsevier, vol. 78(C).
    4. Chotia, Varun & Khoualdi, Kamel & Broccardo, Laura & Yaqub, Muhammad Zafar, 2025. "The role of cyber security and digital transformation in gaining competitive advantage through Strategic Management Accounting," Technology in Society, Elsevier, vol. 81(C).

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Maryam Firoozi & Sana Mohsni, 2023. "Cybersecurity disclosure in the banking industry: a comparative study," International Journal of Disclosure and Governance, Palgrave Macmillan, vol. 20(4), pages 451-477, December.
    2. Kaur, Harpreet & Gupta, Mahima & Singh, Surya Prakash, 2024. "Integrated model to optimize supplier selection and investments for cyber resilience in digital supply chains," International Journal of Production Economics, Elsevier, vol. 275(C).
    3. Slapničar, Sergeja & Axelsen, Micheal & Bongiovanni, Ivano & Stockdale, David, 2023. "A pathway model to five lines of accountability in cybersecurity governance," International Journal of Accounting Information Systems, Elsevier, vol. 51(C).
    4. Brho, Mazen & Jazairy, Amer & Glassburner, Aaron V., 2025. "The finance of cybersecurity: Quantitative modeling of investment decisions and net present value," International Journal of Production Economics, Elsevier, vol. 279(C).
    5. Zhang, Yimei & Smith, Thomas, 2023. "The impact of customer firm data breaches on the audit fees of their suppliers," International Journal of Accounting Information Systems, Elsevier, vol. 50(C).
    6. Tan, Weijie & Guo, Binhua & Zhang, Qiantao, 2025. "Cybersecurity governance and corporate market value: Perspectives from investor trust and supply chain trust," Pacific-Basin Finance Journal, Elsevier, vol. 90(C).
    7. Wang, Jimin & Ho, Choy Yeing (Chloe) & Shan, Yuan George, 2024. "Does cybersecurity risk stifle corporate innovation activities?," International Review of Financial Analysis, Elsevier, vol. 91(C).
    8. Godsway Korku Tetteh & Chuks Otioma, 2025. "Cyberattack, cyber risk mitigation capabilities, and firm productivity in Kenya," Small Business Economics, Springer, vol. 64(3), pages 1493-1514, March.
    9. Phuong Bui & Phuc Nguyen, 2025. "Unveiling the Dynamics: Corporate Governance’s Impact on Firm Performance in Vietnam’s Thriving Market Landscape," Journal of the Knowledge Economy, Springer;Portland International Center for Management of Engineering and Technology (PICMET), vol. 16(2), pages 9095-9122, June.
    10. Lin, Weizheng & Wang, Chih-Wei & Li, Ying-Jie & Chen, Jian-Yun, 2025. "From green to digital: Exploring the role of ecological footprints on cybersecurity risk," Energy Economics, Elsevier, vol. 146(C).
    11. Chotia, Varun & Khoualdi, Kamel & Broccardo, Laura & Yaqub, Muhammad Zafar, 2025. "The role of cyber security and digital transformation in gaining competitive advantage through Strategic Management Accounting," Technology in Society, Elsevier, vol. 81(C).
    12. Martin Eling & Michael McShane & Trung Nguyen, 2021. "Cyber risk management: History and future research directions," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 24(1), pages 93-125, March.
    13. Dalia Hussein Elsayed & Tariq H. Ismail & Eman Adel Ahmed, 2024. "The impact of cybersecurity disclosure on banks’ performance: the moderating role of corporate governance in the MENA region," Future Business Journal, Springer, vol. 10(1), pages 1-15, December.
    14. Xiang Luo & Jianan Zhou, 2025. "Unveiling Her Efforts: Gender Diversity’s Impact on Performance Commitments in M&As," Journal of Business Ethics, Springer, vol. 200(1), pages 55-90, August.
    15. Kwangmin Jung & Chanjin Kim & Jiyeon Yun, 2025. "The effect of corporate risk management on cyber risk mitigation: Evidence from the insurance industry," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 50(2), pages 259-301, April.
    16. Sylvie Héroux & Anne Fortin, 2025. "How the three lines of defense can contribute to public firms’ cybersecurity effectiveness," International Journal of Disclosure and Governance, Palgrave Macmillan, vol. 22(2), pages 377-396, June.
    17. Chaitanya Joshi & Jinming Yang & Sergeja Slapnicar & Ryan K L Ko, 2024. "Contrasting the optimal resource allocation to cybersecurity and cyber insurance using prospect theory versus expected utility theory," Papers 2411.18838, arXiv.org.
    18. Martin Boyer & Martin Eling, 2023. "New advances on cyber risk and cyber insurance," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 48(2), pages 267-274, April.
    19. Singh, Kuldeep & Chatterjee, Sheshadri & Mariani, Marcello & Wamba, Samuel Fosso, 2025. "Cybersecurity resilience and innovation ecosystems for sustainable business excellence: Examining the dramatic changes in the macroeconomic business environment," Technovation, Elsevier, vol. 143(C).
    20. Francisco Isaí Morales-Sáenz & José Melchor Medina-Quintero & Miguel Reyna-Castillo, 2024. "Beyond Data Protection: Exploring the Convergence between Cybersecurity and Sustainable Development in Business," Sustainability, MDPI, vol. 16(14), pages 1-32, July.

    More about this item

    Keywords

    ;
    ;
    ;
    ;
    ;
    ;

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:eee:teinso:v:74:y:2023:i:c:s0160791x23001148. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Catherine Liu (email available below). General contact details of provider: https://www.journals.elsevier.com/technology-in-society .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.