The benefits of a cyber-resilience posture on negative public reaction following data theft

Research shows that customers are insufficiently motivated to protect themselves from crimes that may derive from data theft within an organisation. Instead, the burden of security is placed upon the businesses that host their personal information. Companies that fail to sufficiently secure their cu...

Descripción completa

Guardado en:  
Detalles Bibliográficos
Autor principal: Toma, Traian (Autor)
Otros Autores: Décary-Hétu, David ; Dupont, Benoît
Tipo de documento: Electrónico Artículo
Lenguaje:Inglés
Publicado: 2023
En: Journal of criminology
Año: 2023, Volumen: 56, Número: 4, Páginas: 470-493
Acceso en línea: Volltext (kostenfrei)
Journals Online & Print:
Gargar...
Verificar disponibilidad: HBZ Gateway
Palabras clave:
crisis communication
cyber-resilience
Cybersecurity
data breach
ideal victim
Reputation
Risk Management
social reaction
Victim blaming
Vignettes
Descripción
Sumario:Research shows that customers are insufficiently motivated to protect themselves from crimes that may derive from data theft within an organisation. Instead, the burden of security is placed upon the businesses that host their personal information. Companies that fail to sufficiently secure their customers? information thus risk experiencing potentially ruinous reputational harm. There is a relative dearth of research examining why some businesses that have been breached stay resilient in the face of negative public reaction while others do not. To bridge this knowledge gap, this study tackles the concept of cyber-resilience, defined as the ability to limit, endure, and eventually bounce back from the impact of a cyber incident. A vignette-based experimental study was conducted and featured: (1) a breached business described as having a strong cyber-resilience posture; (2) a breached business described as having a weak cyber-resilience posture. Overall, a convenience sample of 605 students in Canada were randomly assigned to one of the two main experimental conditions. The results show that a strong cyber-resilience posture reduces negative customer attitudes and promotes positive customer behavioral intentions, in comparison to a weak cyber-resilience posture. Similarly, the more negative attitudes a customer holds toward a breached business, the less likely they are to behave favorably toward it. As a result of this study, cyber-resilience, which has hitherto primarily received conceptual attention, gains explanatory power. Furthermore, this research project contributes more generally to business victimology, which is an underdeveloped field of criminology.
ISSN:2633-8084
DOI:10.1177/26338076231161898