Open AccessHow Do Investors Perceive the Materiality of Data Security Incidents
Publication year - 2021
Publication title -
journal of global information management
Language(s) - English
Resource type - Journals
SCImago Journal Rank - 0.315
H-Index - 41
eISSN - 1533-7995
pISSN - 1062-7375
DOI - 10.4018/jgim.20211101oa08
Subject(s) - data breach , hacker , business , materiality (auditing) , confidentiality , sample (material) , computer security , information security , event (particle physics) , computer science , philosophy , chemistry , physics , chromatography , quantum mechanics , aesthetics
Data security incidents are continually increasing; hackers, governments, and other actors increasingly attempt to gain unauthorized access to confidential data. Information Systems (IS) users are becoming more vulnerable to the risks of data breaches. Many stakeholders perceive cybersecurity incidents as indicators of firms' operational and technological internal deficiencies. Previous research has revealed that investors react negatively to data breaches, yet little is known about investors' reactions to material data security incidents. Using a sample of 232 data security incidents for 132 publicly traded companies in the United States, we applied an event study methodology to discern investors' reactions to material versus immaterial incidents. We also use multivariate regression and time-to-event analysis to examine what determines the degree of investors' reactions, considering several intervals around the event day. Our results show that investors perceive material data security incidents as a deficiency of breached companies in comparison to immaterial incidents.