� Public company investors rely on the Big 4 audit firms to provide assurance over internal controls and financial reporting. What, then, would happen if one of these very assurance providers suffered its own cybersecurity breach? We examine such an event in the major data breach of Deloitte in 2017. Using U.S. data from 2014 to 2019, we find Deloitte suffered significant reputational damage postbreach. Specifically, audit clients and existing shareholders became less likely to approve of Deloitte as the company’s auditor. Deloitte also charged lower audit fees after the incident. Furthermore, Deloitte’s audit clients suffered significant negative market reactions postbreach. Our results suggest pervasive implications of cyberattacks on auditor reputation and support recent congressional efforts to expand regulation in this area.
{"title":"Cybersecurity Breach at a Big 4 Accounting Firm: Effects on Auditor Reputation","authors":"B. Litt, Paul N. Tanyi, M. Watson","doi":"10.2308/isys-2022-006","DOIUrl":"https://doi.org/10.2308/isys-2022-006","url":null,"abstract":"\u0000 Public company investors rely on the Big 4 audit firms to provide assurance over internal controls and financial reporting. What, then, would happen if one of these very assurance providers suffered its own cybersecurity breach? We examine such an event in the major data breach of Deloitte in 2017. Using U.S. data from 2014 to 2019, we find Deloitte suffered significant reputational damage postbreach. Specifically, audit clients and existing shareholders became less likely to approve of Deloitte as the company’s auditor. Deloitte also charged lower audit fees after the incident. Furthermore, Deloitte’s audit clients suffered significant negative market reactions postbreach. Our results suggest pervasive implications of cyberattacks on auditor reputation and support recent congressional efforts to expand regulation in this area.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87155127","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
� This study examines whether a firm’s business strategy is an underlying determinant of cybersecurity breach likelihood. Based on organizational theory, firm strategy can focus on innovation or efficiency, with innovative strategy firms being more likely to have weaker, decentralized control systems, multiple technologies, and greater risk than firms with an efficiency-focused strategy. Following the Miles and Snow (1978) strategy topology, we predict and find that the prospector business strategy is associated with greater breach likelihood. We further explore IT awareness within the firm. Ex ante, it is unclear whether strategic IT policy formation is impounded into a firm’s strategy or can be impacted by individual executives and nonstrategy firm characteristics. We find that IT understanding at the executive or firm level can affect the relationship between strategy and breach likelihood. Collectively, our results indicate that business strategy is a useful indicator in evaluating firms’ cybersecurity activities.
{"title":"Business Strategy and Cybersecurity Breaches","authors":"Tianpei Li, S. Walton","doi":"10.2308/isys-2022-033","DOIUrl":"https://doi.org/10.2308/isys-2022-033","url":null,"abstract":"\u0000 This study examines whether a firm’s business strategy is an underlying determinant of cybersecurity breach likelihood. Based on organizational theory, firm strategy can focus on innovation or efficiency, with innovative strategy firms being more likely to have weaker, decentralized control systems, multiple technologies, and greater risk than firms with an efficiency-focused strategy. Following the Miles and Snow (1978) strategy topology, we predict and find that the prospector business strategy is associated with greater breach likelihood. We further explore IT awareness within the firm. Ex ante, it is unclear whether strategic IT policy formation is impounded into a firm’s strategy or can be impacted by individual executives and nonstrategy firm characteristics. We find that IT understanding at the executive or firm level can affect the relationship between strategy and breach likelihood. Collectively, our results indicate that business strategy is a useful indicator in evaluating firms’ cybersecurity activities.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83963264","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-06-01DOI: 10.2308/0888-7985-37.2.137
{"title":"Editorial Policy","authors":"","doi":"10.2308/0888-7985-37.2.137","DOIUrl":"https://doi.org/10.2308/0888-7985-37.2.137","url":null,"abstract":"","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"90299924","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Jörg H. Mayer, Linus Lischke, R. Quick, Friedrich Kalden
� Today’s economic environment has accelerated an already changing working context for accounting. Collecting accounts receivables (AR) stands out, as it enables companies to turn invoices into cash. The objective of this article is to elaborate on both the most important use situations for an AR collection management and a subsequent app design accommodating these use situations. We take a healthcare product provider as our reference company and come up with nine use situations prioritized by an analytic hierarchy process as follows: (1) drive operational governance, (2) switch to a more proactive collection management, (3) increase order-to-cash process effectiveness, (4) set targets and monitor them, (5) automate AR process actions by an agent, (6) predict process errors in advance, (7) exchange information across departments, (8) set up a predictive liquidity management, and (9) automate workload tracking of AR process activities.
{"title":"When Cash Is King - An Accounts Receivables App Accommodating Different Use Situations","authors":"Jörg H. Mayer, Linus Lischke, R. Quick, Friedrich Kalden","doi":"10.2308/isys-2022-022","DOIUrl":"https://doi.org/10.2308/isys-2022-022","url":null,"abstract":"\u0000 Today’s economic environment has accelerated an already changing working context for accounting. Collecting accounts receivables (AR) stands out, as it enables companies to turn invoices into cash. The objective of this article is to elaborate on both the most important use situations for an AR collection management and a subsequent app design accommodating these use situations. We take a healthcare product provider as our reference company and come up with nine use situations prioritized by an analytic hierarchy process as follows: (1) drive operational governance, (2) switch to a more proactive collection management, (3) increase order-to-cash process effectiveness, (4) set targets and monitor them, (5) automate AR process actions by an agent, (6) predict process errors in advance, (7) exchange information across departments, (8) set up a predictive liquidity management, and (9) automate workload tracking of AR process activities.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83476258","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
J. George, Manjul Gupta, Gabriel A. Giordano, Annette M. Mills, Vanesa M. Tennant, Carmen C. Lewis
� With the publication of this article, we are making available the dataset collected for and analyzed in our 2018 MIS Quarterly article “The Effects of Communication Mode and Culture on Deception Detection Accuracy.” Our article examined the relationships between computer-based modes of communication and national culture on deception detection success. We provide additional information about the dataset and how it was collected, as well as suggestions for future research. This additional information should help any scholar interested in further analysis of the dataset or extending our study.
{"title":"Publishing the Data from \"The Effects of Communication Mode and Culture on Deception Detection Accuracy\"","authors":"J. George, Manjul Gupta, Gabriel A. Giordano, Annette M. Mills, Vanesa M. Tennant, Carmen C. Lewis","doi":"10.2308/isys-2022-025","DOIUrl":"https://doi.org/10.2308/isys-2022-025","url":null,"abstract":"\u0000 With the publication of this article, we are making available the dataset collected for and analyzed in our 2018 MIS Quarterly article “The Effects of Communication Mode and Culture on Deception Detection Accuracy.” Our article examined the relationships between computer-based modes of communication and national culture on deception detection success. We provide additional information about the dataset and how it was collected, as well as suggestions for future research. This additional information should help any scholar interested in further analysis of the dataset or extending our study.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-06-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72390705","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
� Cybersecurity breaches (CBs) negatively influence the breached firms’ business functions, including their innovative investments. Recent research documents a spillover effect of CBs into supply chain firm performance. We extend this research and investigate the impact of customers’ CBs on suppliers’ innovative investments and the disruption of supplier-customer relationships. We find a significant negative association between customers’ reported CBs and suppliers’ innovative investments in the subsequent year. In addition, we find customer-reported CBs increase the likelihood of supplier-customer relationship disruption in the subsequent year. Our study contributes to the broader understanding of the negative impacts of CBs not only on the breached firm’s financial performance but also on key supplier innovation decisions.� Data Availability: Data are available from the public sources cited in the text.� JEL Classifications: L14; L29; M49; O30.
{"title":"The Impact of Customer-Reported Cybersecurity Breaches on Key Supplier Innovations and Relationship Disruption","authors":"C. He, Jiangbo Huangfu, M. Kohlbeck, Lin Wang","doi":"10.2308/isys-2020-006","DOIUrl":"https://doi.org/10.2308/isys-2020-006","url":null,"abstract":"\u0000 Cybersecurity breaches (CBs) negatively influence the breached firms’ business functions, including their innovative investments. Recent research documents a spillover effect of CBs into supply chain firm performance. We extend this research and investigate the impact of customers’ CBs on suppliers’ innovative investments and the disruption of supplier-customer relationships. We find a significant negative association between customers’ reported CBs and suppliers’ innovative investments in the subsequent year. In addition, we find customer-reported CBs increase the likelihood of supplier-customer relationship disruption in the subsequent year. Our study contributes to the broader understanding of the negative impacts of CBs not only on the breached firm’s financial performance but also on key supplier innovation decisions.\u0000 Data Availability: Data are available from the public sources cited in the text.\u0000 JEL Classifications: L14; L29; M49; O30.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-05-30","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"76863423","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-25DOI: 10.1080/0960085x.2023.2217362
Aleksandre Asatiani, Tuulikki Hakkarainen, Kimmo Paaso, Esko Penttinen
{"title":"Security by envelopment – a novel approach to data-security-oriented configuration of lightweight-automation systems","authors":"Aleksandre Asatiani, Tuulikki Hakkarainen, Kimmo Paaso, Esko Penttinen","doi":"10.1080/0960085x.2023.2217362","DOIUrl":"https://doi.org/10.1080/0960085x.2023.2217362","url":null,"abstract":"","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-05-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"48885334","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
� This research note describes an innovative dataset that was developed and used by Gao, Calderon, and Tang (2020) and Calderon and Gao (2021) to examine cybersecurity risk disclosures. Our innovative dataset and contemporary text analytics methodology allowed us to develop interesting insights and identify various patterns in the disclosure of cybersecurity risks that publicly traded companies face. We believe that researchers can learn from our data and methodology, and contribute further to the literature on corporate disclosure in general and cybersecurity risks in particular.
本研究报告描述了由Gao, Calderon, and Tang(2020)和Calderon and Gao(2021)开发和使用的创新数据集,以检查网络安全风险披露。我们的创新数据集和现代文本分析方法使我们能够开发有趣的见解,并确定上市公司面临的网络安全风险披露的各种模式。我们相信,研究人员可以从我们的数据和方法中学习,并进一步为企业信息披露,特别是网络安全风险的文献做出贡献。
{"title":"Innovative and Novel Research Datasets Related to Cybersecurity Risk Disclosures: A Research Note","authors":"Thomas G. Calderon, Lei Gao","doi":"10.2308/isys-2022-065","DOIUrl":"https://doi.org/10.2308/isys-2022-065","url":null,"abstract":"\u0000 This research note describes an innovative dataset that was developed and used by Gao, Calderon, and Tang (2020) and Calderon and Gao (2021) to examine cybersecurity risk disclosures. Our innovative dataset and contemporary text analytics methodology allowed us to develop interesting insights and identify various patterns in the disclosure of cybersecurity risks that publicly traded companies face. We believe that researchers can learn from our data and methodology, and contribute further to the literature on corporate disclosure in general and cybersecurity risks in particular.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-05-24","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"79647065","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Terence J. Pitre, R. Pinsker, Ronald J. Daigle, Y. Zhang
� Using Twitter to disseminate information has two advantages: flexibility in presentation formats and the ability to redisclose a prior period’s information—referred to as “rehashing.” Our research examines the effect of these issues on market investors’ trading. Our experimental market results suggest that nonprofessional investors presented with whole-number quarterly earnings exhibit insensitivity to the large numbers (i.e., psychophysical numbing). Further, we find evidence suggesting that investors in the whole-number condition net the rehashed quarterly earnings information with current quarterly earnings information to counteract the psychophysical numbing effects, whereas those in the earnings per share (small-number) condition display a representativeness bias toward positive news when processing the rehashed information. Our results indicate that a firm can influence investor decisions when managers strategically disseminate larger whole numbers and rehash positive earnings information. Thus, our findings contribute novel information to the extant social media literature.� Data Availability: Data are available from the first author upon request.
{"title":"#Twitter: Examining the Impact of Earnings Format Choice and Rehashing Prior Positive Information on Market Prices","authors":"Terence J. Pitre, R. Pinsker, Ronald J. Daigle, Y. Zhang","doi":"10.2308/isys-2021-034","DOIUrl":"https://doi.org/10.2308/isys-2021-034","url":null,"abstract":"\u0000 Using Twitter to disseminate information has two advantages: flexibility in presentation formats and the ability to redisclose a prior period’s information—referred to as “rehashing.” Our research examines the effect of these issues on market investors’ trading. Our experimental market results suggest that nonprofessional investors presented with whole-number quarterly earnings exhibit insensitivity to the large numbers (i.e., psychophysical numbing). Further, we find evidence suggesting that investors in the whole-number condition net the rehashed quarterly earnings information with current quarterly earnings information to counteract the psychophysical numbing effects, whereas those in the earnings per share (small-number) condition display a representativeness bias toward positive news when processing the rehashed information. Our results indicate that a firm can influence investor decisions when managers strategically disseminate larger whole numbers and rehash positive earnings information. Thus, our findings contribute novel information to the extant social media literature.\u0000 Data Availability: Data are available from the first author upon request.","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"72693698","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-05-17DOI: 10.1080/0960085x.2023.2214744
Yu-Ju Tu, S. Piramuthu
{"title":"Security and privacy risks in drone-based last mile delivery","authors":"Yu-Ju Tu, S. Piramuthu","doi":"10.1080/0960085x.2023.2214744","DOIUrl":"https://doi.org/10.1080/0960085x.2023.2214744","url":null,"abstract":"","PeriodicalId":50486,"journal":{"name":"European Journal of Information Systems","volume":null,"pages":null},"PeriodicalIF":9.5,"publicationDate":"2023-05-17","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"59505163","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: