EconPapers    
Economics at your fingertips  

EconPapers Home
About EconPapers

Working Papers
Journal Articles
Books and Chapters
Software Components

Authors

JEL codes
New Economics Papers

Advanced Search


EconPapers FAQ
Archive maintainers FAQ
Cookies at EconPapers

Format for printing

The RePEc blog
The RePEc plagiarism page

 

The Impact of Executives’ IT Expertise on Reported Data Security Breaches

Jacob Haislip (), Jee-Hae Lim () and Robert Pinsker ()
Additional contact information
Jacob Haislip: School of Accounting, Rawls College of Business, Texas Tech University, Lubbock, Texas 79409
Jee-Hae Lim: School of Accountancy, University of Hawaii, Manoa, Honolulu, Hawaii 96822
Robert Pinsker: School of Accounting, Florida Atlantic University, Boca Raton, Florida 33431

Information Systems Research, 2021, vol. 32, issue 2, 318-334

Abstract: Data security breaches (DSBs) are increasing investor and regulator pressure on firms to improve their IT governance (ITG) in an effort to mitigate the related risk. Drawing on upper echelon theory, we argue that DSB risk cannot be mitigated by one executive alone, but, rather, is a shared leadership responsibility of the top management team (TMT; i.e., Chief Executive Officer (CEO), Chief Financial Officer (CFO), and Chief Information Officer (CIO)). By examining a sample of DSBs from 2005 to 2017, our study finds that CEOs with IT expertise are associated with fewer DSBs, with some evidence of a focus on DSBs containing consumer information. Our evidence also suggests that CFOs with IT expertise are less likely to report a DSB in general, as well as DSBs involving employee information or instigated by a person outside of the firm and, to a weaker extent, DSBs containing consumer information. Further, the presence of a CIO as part of the TMT is significantly associated with reduced DSBs of all types examined. Our results are robust to endogeneity concerns and an alternative propensity score matched sample. This study contributes a granular investigation of DSB risk involving executives with IT expertise that extends the upper echelon and ITG literatures.

Keywords: data security breaches; IT governance (ITG); IT expertise; upper echelon theory (search for similar items in EconPapers)
Date: 2021
References: View references in EconPapers View complete reference list from CitEc
Citations: View citations in EconPapers (8)

Downloads: (external link)
http://dx.doi.org/10.1287/isre.2020.0986 (application/pdf)

Related works:
This item may be available elsewhere in EconPapers: Search for items with the same title.

Export reference: BibTeX RIS (EndNote, ProCite, RefMan) HTML/Text

Persistent link: https://EconPapers.repec.org/RePEc:inm:orisre:v:32:y:2021:i:2:p:318-334

Access Statistics for this article

More articles in Information Systems Research from INFORMS Contact information at EDIRC.
Bibliographic data for series maintained by Chris Asher ().

 
Share

RePEc
This site is part of RePEc and all the data displayed here is part of the RePEc data set.

Is your work missing from RePEc? Here is how to contribute.

Questions or problems? Check the EconPapers FAQ or send mail to .

Örebro UniversityEconPapers is hosted by the School of Business at Örebro University.

Page updated 2025-03-19
Handle: RePEc:inm:orisre:v:32:y:2021:i:2:p:318-334