The Economic Impact of Security Breaches on Publicly Traded Corporations: An Empirical Investigation

摘要

In a 2008 survey of 522 computer security professionals, the Computer Security Institute found an average reported cost close to $500,000 for those companies that experienced a financial fraud. A survey of potential cloud computing adopters show that security and privacy are the primary concerns for not using the cloud. The present research conducts an event study to investigate the impact of publicly announced security breaches on the market value of the breached companies. We utilize the cumulative abnormal returns, risk shifts, and volume changes to measure this impact. Our results show that the cumulative abnormal return due to a security breach is -.19%. We also found the mean risk factor increases by about 22 percent. Our results also show an abnormal trading volume of about 6%. None of the previous research studies in the information systems area has investigated the impact of security breaches on cumulative abnormal returns, volume changes, and risk shifts.