IDEAS home Printed from https://ideas.repec.org/p/tsa/wpaper/0085is.html
   My bibliography  Save this paper

Planning Technology Investments For High Payoffs: A Rational Expectations Approach To Gauging Potential And Realized Value In A Changing Environment

Author

Listed:
  • Myung Ko

    (University of Texas at San Antonio)

  • Kweku-Muata

    (Virginia Commonwealth University)

  • Carlos Dorantesa

    (University of Texas at San Antonio)

Abstract

This paper examines the impact of information security breaches on organizational performance. Up to date, there have been only a few empirical academic studies that have investigated this issue and they have investigated information security breaches with the focus on the short-term impact on the market value of the firm. This study offers an alternate approach to investigate this issue as it explores the impact of breaches on financial performance of the firm, one year after the breach. Using a “matched sampling” methodology, we explored the impact of each type of breach (i.e. confidentiality, integrity, and availability) and also by IT intensity and size. Our results suggest that the direction of the impact (i.e. positive, negative) is dependent on the type of security breaches and also the impact of IT intensive firms is different from non-IT intensive firms. Our study also includes some important implications for managers and stock market investors.

Suggested Citation

  • Myung Ko & Kweku-Muata & Carlos Dorantesa, 2008. "Planning Technology Investments For High Payoffs: A Rational Expectations Approach To Gauging Potential And Realized Value In A Changing Environment," Working Papers 0040, College of Business, University of Texas at San Antonio.
    • Handle: RePEc:tsa:wpaper:0085is
    as

    Download full text from publisher

    File URL: http://interim.business.utsa.edu/wps/IS/0040IS-299-2008.pdf
    File Function: Full text
    Download Restriction: no
    ---><---

    References listed on IDEAS

    as
    1. Anat Hovav & John D'Arcy, 2003. "The Impact of Denial‐of‐Service Attack Announcements on the Market Value of Firms," Risk Management and Insurance Review, American Risk and Insurance Association, vol. 6(2), pages 97-121, September.
    2. Neil F. Doherty & Heather Fulford, 2005. "Do Information Security Policies Reduce the Incidence of Security Breaches: An Exploratory Analysis," Information Resources Management Journal (IRMJ), IGI Global, vol. 18(4), pages 21-39, October.
    Full references (including those not matched with items on IDEAS)

    Most related items

    These are the items that most often cite the same works as this one and are cited by the same works as this one.
    1. Xinran Wang & Jiaju Yan & Timothy P. Munyon & T. Russell Crook, 2025. "Breached But Not Broken: How Attributional Information Shapes Shareholder Reactions to Firms Following Data Breaches," Corporate Reputation Review, Palgrave Macmillan, vol. 28(1), pages 71-92, February.
    2. Michael McShane & Trung Nguyen, 0. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 0, pages 1-36.
    3. Doherty, Neil Francis & Anastasakis, Leonidas & Fulford, Heather, 2011. "Reinforcing the security of corporate information resources: A critical review of the role of the acceptable use policy," International Journal of Information Management, Elsevier, vol. 31(3), pages 201-209.
    4. Benaroch, Michel & Chernobai, Anna & Goldstein, James, 2012. "An internal control perspective on the market value consequences of IT operational risk events," International Journal of Accounting Information Systems, Elsevier, vol. 13(4), pages 357-381.
    5. Sanghyun Kim & Bora Kim & Minsoo Seo, 2020. "Impacts of Sustainable Information Technology Capabilities on Information Security Assimilation: The Moderating Effects of Policy—Technology Balance," Sustainability, MDPI, vol. 12(15), pages 1-24, July.
    6. Michael McShane & Trung Nguyen, 2020. "Time-varying effects of cyberattacks on firm value," The Geneva Papers on Risk and Insurance - Issues and Practice, Palgrave Macmillan;The Geneva Association, vol. 45(4), pages 580-615, October.
    7. Narcyz Roztocki & Heinz Roland Weistroffer, 2015. "Investments in enterprise integration technology: An event study," Information Systems Frontiers, Springer, vol. 17(3), pages 659-672, June.
    8. Prof. Dr. Walter Krämer & Sebastian Schich, "undated". "Large - scaledisasters and the insurance industry," Working Papers 4, Business and Social Statistics Department, Technische Universität Dortmund, revised Mar 2005.
    9. Doherty, Neil Francis & Anastasakis, Leonidas & Fulford, Heather, 2009. "The information security policy unpacked: A critical study of the content of university policies," International Journal of Information Management, Elsevier, vol. 29(6), pages 449-457.
    10. Björn Häckel & Florian Hänsch & Michael Hertel & Jochen Übelhör, 2019. "Assessing IT availability risks in smart factory networks," Business Research, Springer;German Academic Association for Business Research, vol. 12(2), pages 523-558, December.
    11. Alessandro Mazzoccoli, 2023. "Optimal Cyber Security Investment in a Mixed Risk Management Framework: Examining the Role of Cyber Insurance and Expenditure Analysis," Risks, MDPI, vol. 11(9), pages 1-14, August.
    12. Shinichi Kamiya & Jun-Koo Kang & Jungmin Kim & Andreas Milidonis & René M. Stulz, 2018. "What is the Impact of Successful Cyberattacks on Target Firms?," NBER Working Papers 24409, National Bureau of Economic Research, Inc.
    13. Rosati, Pierangelo & Cummins, Mark & Deeney, Peter & Gogolin, Fabian & van der Werff, Lisa & Lynn, Theo, 2017. "The effect of data breach announcements beyond the stock price: Empirical evidence on market activity," International Review of Financial Analysis, Elsevier, vol. 49(C), pages 146-154.
    14. Kelly D. Martin & Patrick E. Murphy, 2017. "The role of data privacy in marketing," Journal of the Academy of Marketing Science, Springer, vol. 45(2), pages 135-155, March.
    15. Bolster Paul & Pantalone Coleen H & Trahan Emery A, 2010. "Security Breaches and Firm Value," Journal of Business Valuation and Economic Loss Analysis, De Gruyter, vol. 5(1), pages 1-13, April.
    16. Syed Emad Azhar Ali & Fong-Woon Lai & Ahmad Ali Jan & Haseeb ur Rahman & Syed Quaid Ali Shah & Salaheldin Hamad, 2024. "Does intellectual capital curb the long-term effect of information security breaches on firms’ market value?," Quality & Quantity: International Journal of Methodology, Springer, vol. 58(4), pages 3673-3702, August.
    17. Jeffrey Roberts & David Wasieleski, 2012. "Moral Reasoning in Computer-Based Task Environments: Exploring the Interplay between Cognitive and Technological Factors on Individuals’ Propensity to Break Rules," Journal of Business Ethics, Springer, vol. 110(3), pages 355-376, October.
    18. Carboni, Marika & Dell’Atti, Stefano & Gianfrancesco, Igor & Onorato, Grazia, 2024. "The impact of cyber enforcement actions on stock returns," Research in International Business and Finance, Elsevier, vol. 71(C).
    19. Mendiela, Pauline, 2021. "Information security breaches and financial market reaction: the French case," MPRA Paper 105029, University Library of Munich, Germany.
    20. Henner Gimpel & Dominikus Kleindienst & Niclas Nüske & Daniel Rau & Fabian Schmied, 2018. "The upside of data privacy – delighting customers by implementing data privacy measures," Electronic Markets, Springer;IIM University of St. Gallen, vol. 28(4), pages 437-452, November.

    More about this item

    Keywords

    Information security; impact; security breach; organizational performance; confidentiality; integrity; availability;
    All these keywords.

    JEL classification:

    • M15 - Business Administration and Business Economics; Marketing; Accounting; Personnel Economics - - Business Administration - - - IT Management

    Statistics

    Access and download statistics

    Corrections

    All material on this site has been provided by the respective publishers and authors. You can help correct errors and omissions. When requesting a correction, please mention this item's handle: RePEc:tsa:wpaper:0085is. See general information about how to correct material in RePEc.

    If you have authored this item and are not yet registered with RePEc, we encourage you to do it here. This allows to link your profile to this item. It also allows you to accept potential citations to this item that we are uncertain about.

    If CitEc recognized a bibliographic reference but did not link an item in RePEc to it, you can help with this form .

    If you know of missing items citing this one, you can help us creating those links by adding the relevant references in the same way as above, for each refering item. If you are a registered author of this item, you may also want to check the "citations" tab in your RePEc Author Service profile, as there may be some citations waiting for confirmation.

    For technical questions regarding this item, or to correct its authors, title, abstract, bibliographic or download information, contact: Wendy Frost (email available below). General contact details of provider: https://edirc.repec.org/data/cbutsus.html .

    Please note that corrections may take a couple of weeks to filter through the various RePEc services.

    IDEAS is a RePEc service. RePEc uses bibliographic data supplied by the respective publishers.