The rapid digital transformations across every industry sector, accelerated partly due to the COVID-19 pandemic, have increased organizations’ use of information systems for operational and strategic purposes. These organizational responses have led to a confluence of digital, biological, and physical technologies that are revolutionizing business practices and workflows. But accompanying the pervasive use of digital technologies and the evolutionary nature of digital assets, is a shifting world of cyberattacks and information security (ISec) cybercrimes. Dynamic cybercrimes make it increasingly difficult for managers and researchers to anticipate the types, magnitude, and severity of future information security (ISec) breaches. Thus, we perform a systematic literature review (SLR) that explores, gathers, and categorizes event studies to examine the influence of favorable and unfavorable ISec events on stock markets. We extend the research conducted by Spanos and Angelis (2016) and provide a comprehensive understanding of the market's efficiency to process public information released about ISec events, ISec contingency factors, and the influence of ISec events on stock prices and factors other than price. Our systematic search reveals 58 relevant papers that include 80 studies. We find that in 75% of the studies ISec events can significantly affect a company's stock market performance, and that such effects are primarily exhibited within two days before and after the event day. Further, the magnitude of abnormal returns is higher in studies examining unfavorable ISec events, such as ISec breaches, compared to abnormal returns from favorable events, such as ISec investments and ISec certifications. In the end, our SLR serves as a foundation for ISec and management communities to build upon to keep industry and academia apprised of continually developing trends, new attack vectors and types of data breaches, protective ISec behaviors and programs, and their subsequent influences on stock market values and returns.

每个行业部门的快速数字化转型（部分由于 COVID-19 大流行而加速）增加了组织将信息系统用于运营和战略目的。这些组织响应导致了数字、生物和物理技术的融合，这些技术正在彻底改变业务实践和工作流程。但是，随着数字技术的广泛使用和数字资产的不断发展，网络攻击和信息安全 (ISec) 网络犯罪的世界也在不断变化。动态网络犯罪使管理人员和研究人员越来越难以预测未来信息安全 (ISec) 漏洞的类型、规模和严重性。因此，我们进行了系统的文献综述 (SLR)，探索、收集、并对事件研究进行分类，以检查有利和不利的 ISec 事件对股票市场的影响。我们扩展了 Spanos 和 Angelis (2016) 进行的研究，并全面了解市场处理有关 ISec 事件、ISec 应急因素以及 ISec 事件对股价和价格以外因素的公开信息的效率。我们的系统搜索揭示了 58 篇相关论文，其中包括 80 项研究。我们发现，在 75% 的研究中，ISec 事件可以显着影响公司的股票市场表现，并且这种影响主要表现在事件发生前后的两天内。此外，在研究不利的 ISec 事件（例如 ISec 违规、与来自有利事件的异常回报相比，例如 ISec 投资和 ISec 认证。最后，我们的 SLR 作为 ISec 和管理社区的基础，让工业和学术界随时了解不断发展的趋势、新的攻击媒介和数据泄露类型、保护性 ISec 行为和程序，以及它们对股票的后续影响市场价值和回报。