Reading the Disclosures with New Eyes: Bridging the Gap between Information Security Disclosures and Incidents

نویسندگان

  • Tawei Wang
  • Jackie Rees Ulmer
  • Karthik N. Kannan
چکیده

This paper investigates how the characteristics of information security incidents and disclosures in financial reports affect the valuation of a firm. Building on theories of disclosures in the accounting literature, we investigate investor reaction to disclosures through both quantitative and qualitative analyses. A cross-sectional analysis is first performed to examine the effect of the number of disclosures on stock price reactions to information security incidents. The results suggest that information security risk factors disclosed in financial reports increases the impact of information security incidents. Such an observation is consistent with investors perceiving the disclosures as a warning of future incidents. In order to provide a richer interpretation of the results, we further explore the contents of the disclosures using text mining techniques. One of the key findings is that breached firms react to information security incidents by disclosing additional and more specific risk factors. We further build a model to link disclosures with different stock price reactions to information security incidents to provide insights into how companies should disclose security concerns and practices. The model suggests that the disclosures associated with non-negative reactions are more generic and include actionable terms which confirms different disclosure patterns from companies with and without breach announcements. Thus, the paper not only contributes to the literature in information security and accounting but also sheds light on how managers can evaluate their information security policies and convey information security practices more effectively to the investors.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

The value relevance of accounting disclosures among listed Nigerian firms: IFRS adoption

This study determined the value relevance of assets and liabilities after the adoption of IFRS among listed Nigerian firms. Ohlson Model (1995) model of stock price regressions tested the relationship between assets and liabilities with the stock price, which has been widely adopted by accounting researchers. A sample of 126 firms listed in Nigeria stock market is used for the study. Data is co...

متن کامل

Ta-wei Wang Essays on Information Security from an Economic Perspective Doctor of Philosophy

Wang, Ta-Wei. Ph.D., Purdue University, August, 2009. Essays on Information Security from an Economic Perspective. Major Professors: Jackie Rees and Karthik Kannan. Information security risks are becoming a critical issue to organizations given the significant impact of security related incidents. In this dissertation, we seek to further our understanding of how information security incidents a...

متن کامل

Online Security Performances and Information Security Disclosures

This study tests whether the voluntary disclosures in the annual reports concerning information security are credible. It also develops a scale to measure online security performances and identifies influencing factors. Our findings provide insights into the online security performances of financial institutions. Specifically, they manifest the similarity of online security performances within ...

متن کامل

Cross border E-Science and Research Partnership: Bridging the Gap Between Science and Media

  E-Science is a tool that helps scientists to store, interpret, analyze and make a network of their data, and it can play a critical role in different aspects of the scientific goals and research. This commentary, under the topic of Cross Border E-Science and Research Partnership: Bridging the Gap between Science and Media,[1] attempts to shed light on E-Science with emphasis on three importa...

متن کامل

Market Value of Voluntary Disclosures Concerning Information Security

Proactive security activities encompass voluntary disclosure concerning information security that firms are taking to improve the security of their information and information systems. Examples of voluntary disclosures falling into this category include discussions about a firm’s use of encryption, secure socket layers data transmission, implementation of network security measures, or disclosur...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2008