Title: Explaining investors' reaction to internet security breach using deterrence theory
Author: Francis Kofi Andoh-Baidoo
Address: Department of Computer Information Systems, University of Texas-Pan American, 1201 W University Drive, Edinburg, TX 78539, USA
Abstract: This study uses the deterrence theory to explain investors' behaviour towards the announcement of internet security breaches in the public media. Using the event study methodology, we compute the abnormal returns over a three day window. We then use decision tree induction to investigate how firm type and time affect the likelihood that an attack would lead to abnormal returns. The results reveal that investors are more likely to react negatively to announcements involving internet firms. In addition, investors are more likely to react negatively to more recent attacks. We argue that managers, especially in Net firms, should develop effective mechanisms to address security breach since investors interpret a security breach as management's failure to deter computer abusers from violating organisational security policies and controls. From a theoretical perspective, we demonstrate that event study research can use theory to explain investor's behaviour towards announcement of events in the public media.
Keywords: internet security breaches; e-finance; electronic finance; deterrence theory; investors reaction; CARs; cumulative abnormal returns; event studies; decision tree induction; firm damage; media announcements; news; security attacks; computer abuse; organisational security; public media; cyber attacks.
Int. J. of Electronic Finance, 2013 Vol.7, No.1, pp.1 - 14
Available online: 28 Jan 2013