More security, less harm?: exploring the link between security measures and direct costs of cyber incidents within firms using PLS-PM

As one of the first articles to empirically explore the direct costs of cyber incidents, our research provides novel and significant insights into the structural links between cyber incidents, exposure, and security within firms, as well as the related technical consequences. We employ an explorativ...

Full description

Saved in:  
Bibliographic Details
Authors: Skarczinski, Bennet von (Author) ; Dreißigacker, Arne (Author) ; Teuteberg, Frank 1970- (Author)
Corporate Author: Internationale Tagung Wirtschaftsinformatik 17. 2022, Online (Issuing body)
Format: Electronic Book
Language:English
Published: [New York?] AIS Electronic Library (AISeL) 2022
In:Year: 2022
Online Access: Volltext (kostenfrei)
Volltext (kostenfrei)
Volltext (kostenfrei)
Check availability: HBZ Gateway
Keywords:
Description
Summary:As one of the first articles to empirically explore the direct costs of cyber incidents, our research provides novel and significant insights into the structural links between cyber incidents, exposure, and security within firms, as well as the related technical consequences. We employ an explorative approach, which is based on the causal information/cyber risk models proposed by Cohen et al. and Woods & Böhme, as well as PLS-modeling to analyze data from 493 firms that have incurred direct costs from their most severe cyber incident in the last 12 months. These data are part of a larger dataset, based on a representative and stratified random sample of 5,000 organizations that participated in a survey in 2018/19. Based on our model, we discuss the results and derive implications that are highly relevant to the alignment of IT (security) strategy and management. Furthermore, we identify gaps to be assessed in future research.
Item Description:Literaturverzeichnis
Physical Description:1 Online-Ressource Illustrationen
DOI:10.15496/publikation-83845