In terms of economic impact and market reaction, a 2003 study by Campbell, Gordon, Loeb and Zhou provided evidence to suggest that firms are significantly punished by the stock market only when security issues involve confidential information or unauthorized access to private information such as customer lists, credit card data, and company secrets. If the security issues are of a non-confidential nature such as denial of service attacks, and viruses, then sampling in the study suggests trivial stock market reaction.
The data that was sampled/tested in the study spanned the years 1997-2000 and involved publicly disclosed security incidents that were reported in either the Wall Street Journal, New York Times, Washington Post, USA Today, or Financial Times.
I wonder if data samples from 2000-2007 would remain in-line with previous empirical findings, or if revenues/sales were impacted versus just the stock price?
Reference
Campbell, K., Gordon, L., Loeb, M. & Zhou, L. (2003). The economic cost of publicly announced information security breaches: empirical evidence from the stock market. Journal of Computer Security, 11(3). Retrieved July 1, 2008 from Academic Search Premier
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment