An examination of the explicit costs of sensitive information security breaches

Posted on:2014-07-04

Degree:Ph.D

Type:Dissertation

University:Capella University

Candidate:Toe, Cleophas Adeodat

Full Text:PDF

GTID:1458390005483814

Subject:Business Administration

Abstract/Summary:

Data security breaches are categorized as loss of information that is entrusted in an organization by its customers, partners, shareholders, and stakeholders. Data breaches are significant risk factors for companies that store, process, and transmit sensitive personal information. Sensitive information is defined as confidential or proprietary information, which, if compromised through unauthorized disclosure, loss, misuse, alteration, or corruption, could cause serious harm to an organization or an individual. This study examined the impact of various types of sensitive data breached on corporations, as measured by the explicit costs of the breach events. This study takes into account United States and international firms that have suffered sensitive information security breaches. The dataset, which consists of publicly available secondary data, covers a period of 10 years ranging from 2003 to 2012. Utilizing a stratified random sampling method, the optimal sample size for this confirmatory analysis was determined via Cohen's (1988) statistical power analysis. Structural Equation Modeling (SEM), which is a causal modeling technique, was chosen to estimate the weight of various types of data breached on the direct cost of the breaches. In addition, Hierarchical Multiple Regression (HMR) technique was used to estimate co-related hypotheses pertaining to the weight of financial data breach versus non-financial data breach on the explicit costs of sensitive data security breaches. The results indicated that, on average, breaches involving credit cards and debit cards numbers, financial account information, medical protected records, social security numbers, and names and addresses have a positive impact on the explicit costs of sensitive information security breach. Credit and debit cards breaches, as well as social security number breaches, have been found to be the two most costly breaches to victim organizations with an average weight of 42% and 40%, respectively. Alternatively, sensitive information breaches involving financial information, while costly to organizations, have not been found, in this study, to be more damaging to organizations than every other sensitive non-financial information.

Keywords/Search Tags:

Information, Breaches, Sensitive, Explicit costs, Data

Related items

1	An Analysis of the Relationship between Security Information Technology Enhancements and Computer Security Breaches and Incidents
2	Exploring Information Technology Security Requirements for Academic Institutions to Reduce Information Security Attacks, Breaches, and Threats
3	Quantitative economics of security: Software vulnerabilities and data breaches
4	A novel neural network based system for assessing risks associated with information technology security breaches
5	Active learning in cost-sensitive environments
6	Examining data privacy breaches in healthcare
7	Algorithmic approaches to reducing resource costs in data centers
8	Research On The Key Technology Of Automated Discovery Of Enterprise Sensitive Information
9	Data-driven Sensitive Information Leakage Detection System
10	Strategies to Prevent Security Breaches Caused by Mobile Device