Purpose

Today, information systems and technology provides a wide set of tools for companies to increase the efficiency of their businesses. Although technology offers many benefits to businesses, it also brings risks as the information systems security breaches. Security breaches and their financial impact is a constant concern of the researchers and practitioners. This paper explores information systems breaches and their financial impacts on the publicly traded companies in different sectors.

Design/methodology/approach

After a comprehensive data collection process, data from 192 events are analyzed by employing Event Study Methodology and a comparison of the results between the four highly affected sectors (Consumer Goods, Technology, Financial and Communications) is presented. The abnormal returns on the prices of stocks after the events are calculated with the Market Model. Also, the results of the Market Adjusted Model and Mean Adjusted Model are presented to support the results.

Findings

While information systems security breaches have a significant negative impact on the Financials and the Technology sectors for all the event windows in the study ([−5, 0], [−5, 1], [−5, 5], and [−5, 10]), the significant negative impact is observed only on the [−5, 5] and [−5, 10] event windows for the Consumer Goods sector. No significant negative impact is observed in the Communications sector, in fact, the cumulative abnormal returns are positive for this sector.

Originality/value

The contribution of this paper to provide evidence about the financial impacts of the information systems breaches for businesses in different sectors. While there are studies that have previously focused on the information systems breaches and their financial impacts on businesses, to the best of our knowledge, this is the first study that compares this effect between the four highly impacted sectors. With a relatively larger sample size and broader event windows than the past studies in the literature, statistical evidence is provided to managers to justify their investments in information security and build preventive measures to secure the market value of their firms.

中文翻译：

---

信息系统安全漏洞对上市公司的财务影响：不同部门的反应

目的

今天，信息系统和技术为公司提供了广泛的工具来提高他们的业务效率。尽管技术为企业提供了许多好处，但它也带来了信息系统安全漏洞的风险。安全漏洞及其财务影响一直是研究人员和从业者关注的问题。本文探讨了信息系统漏洞及其对不同行业上市公司的财务影响。

设计/方法/方法

在全面的数据收集过程之后，采用事件研究方法分析了 192 个事件的数据，并对四个高度受影响的部门（消费品、技术、金融和通信）之间的结果进行了比较。事件发生后股票价格的异常收益是用市场模型计算的。此外，还提供了市场调整模型和均值调整模型的结果以支持结果。

发现

虽然信息系统安全漏洞对研究中的所有事件窗口（[-5, 0]、[-5, 1]、[-5, 5] 和 [- 5, 10]），仅在消费品行业的 [-5, 5] 和 [-5, 10] 事件窗口上观察到显着的负面影响。通信板块未观察到显着的负面影响，事实上，该板块的累计超额收益为正。

原创性/价值

本文的贡献在于提供有关信息系统漏洞对不同行业企业的财务影响的证据。虽然之前有一些研究专注于信息系统漏洞及其对企业的财务影响，但据我们所知，这是第一个比较这四个受到高度影响的行业之间影响的研究。与文献中过去的研究相比，样本量相对更大，事件窗口更广，为管理者提供了统计证据，以证明他们在信息安全方面的投资是合理的，并制定了预防措施来确保公司的市场价值。