{"title":"应对网络攻击:自称受害者的说服力","authors":"Paolo Antonetti, Ilaria Baghi","doi":"10.1177/10946705241271337","DOIUrl":null,"url":null,"abstract":"Evidence shows that, in the aftermath of cyberattacks, organizations usually accept responsibility for having failed to protect stakeholders’ data more effectively. While this strategy is reasonable in many circumstances, research suggests that it would be unsuitable in situations where the data breach is caused exclusively by criminal actors, what scholars refer to as a “victim crisis.” We argue that, in this type of situations, organizations can apologize while claiming victimhood. We present a model of moderated mediation explaining the persuasiveness of this strategy as a response to cyberattacks. In five experiments, we show that an apology claiming victimhood outperforms an apology accepting or rejecting responsibility. However, claiming victimhood is effective only when evidence of harm is provided and when the organization cannot be construed as being partly responsible for the attack. Furthermore, claiming victimhood is more effective if the focal organization is perceived as virtuous and the cybercriminal as very competent. The study contributes to the literature on service failure and recovery by offering the first account of how claims of victimhood can be deployed effectively. Furthermore, the study raises important managerial implications by proposing a novel communication strategy that can be deployed in the aftermath of cyberattacks.","PeriodicalId":48358,"journal":{"name":"Journal of Service Research","volume":"22 1","pages":""},"PeriodicalIF":9.8000,"publicationDate":"2024-09-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":"{\"title\":\"Responding to Cyberattacks: The Persuasiveness of Claiming Victimhood\",\"authors\":\"Paolo Antonetti, Ilaria Baghi\",\"doi\":\"10.1177/10946705241271337\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Evidence shows that, in the aftermath of cyberattacks, organizations usually accept responsibility for having failed to protect stakeholders’ data more effectively. While this strategy is reasonable in many circumstances, research suggests that it would be unsuitable in situations where the data breach is caused exclusively by criminal actors, what scholars refer to as a “victim crisis.” We argue that, in this type of situations, organizations can apologize while claiming victimhood. We present a model of moderated mediation explaining the persuasiveness of this strategy as a response to cyberattacks. In five experiments, we show that an apology claiming victimhood outperforms an apology accepting or rejecting responsibility. However, claiming victimhood is effective only when evidence of harm is provided and when the organization cannot be construed as being partly responsible for the attack. Furthermore, claiming victimhood is more effective if the focal organization is perceived as virtuous and the cybercriminal as very competent. The study contributes to the literature on service failure and recovery by offering the first account of how claims of victimhood can be deployed effectively. Furthermore, the study raises important managerial implications by proposing a novel communication strategy that can be deployed in the aftermath of cyberattacks.\",\"PeriodicalId\":48358,\"journal\":{\"name\":\"Journal of Service Research\",\"volume\":\"22 1\",\"pages\":\"\"},\"PeriodicalIF\":9.8000,\"publicationDate\":\"2024-09-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"0\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Journal of Service Research\",\"FirstCategoryId\":\"91\",\"ListUrlMain\":\"https://doi.org/10.1177/10946705241271337\",\"RegionNum\":2,\"RegionCategory\":\"管理学\",\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"Q1\",\"JCRName\":\"BUSINESS\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Journal of Service Research","FirstCategoryId":"91","ListUrlMain":"https://doi.org/10.1177/10946705241271337","RegionNum":2,"RegionCategory":"管理学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"BUSINESS","Score":null,"Total":0}
Responding to Cyberattacks: The Persuasiveness of Claiming Victimhood
Evidence shows that, in the aftermath of cyberattacks, organizations usually accept responsibility for having failed to protect stakeholders’ data more effectively. While this strategy is reasonable in many circumstances, research suggests that it would be unsuitable in situations where the data breach is caused exclusively by criminal actors, what scholars refer to as a “victim crisis.” We argue that, in this type of situations, organizations can apologize while claiming victimhood. We present a model of moderated mediation explaining the persuasiveness of this strategy as a response to cyberattacks. In five experiments, we show that an apology claiming victimhood outperforms an apology accepting or rejecting responsibility. However, claiming victimhood is effective only when evidence of harm is provided and when the organization cannot be construed as being partly responsible for the attack. Furthermore, claiming victimhood is more effective if the focal organization is perceived as virtuous and the cybercriminal as very competent. The study contributes to the literature on service failure and recovery by offering the first account of how claims of victimhood can be deployed effectively. Furthermore, the study raises important managerial implications by proposing a novel communication strategy that can be deployed in the aftermath of cyberattacks.
期刊介绍:
The Journal of Service Research (JSR) is recognized as the foremost service research journal globally. It is an indispensable resource for staying updated on the latest advancements in service research. With its accessible and applicable approach, JSR equips readers with the essential knowledge and strategies needed to navigate an increasingly service-oriented economy. Brimming with contributions from esteemed service professionals and scholars, JSR presents a wealth of articles that offer invaluable insights from academia and industry alike.