Investigating the Impact of Companies‘ Response Actions after a Data Breach
Produktform: Buch
Data breaches, which compromise the confidentiality of customer data that a company
stores, have become a common problem for many companies today. Due to sophisticated
attacks that are evolving constantly, companies have no chance to prevent data breaches
completely. Once a company becomes a victim of a data breach, it is legally obligated to
disclose the event to its affected customers. This announcement often leads to a financial
disaster due to public disclosure of a data breach that negatively impacts a company’s
market value, as well as customers’ relationship with the company, and in a worst-case
scenario, it can threaten the company’s very existence.
Currently, recommendations and standards to minimize these losses are lacking, but
affected companies do not remain inactive and react ad hoc to the double-edged negative
consequences by developing strategies, the so-called response strategy, to limit damage
through the public announcement of the data breach. However, it remains unclear
whether and how these response strategies make an impact.
This dissertation analyzes response strategies’ effects via four studies and clarifies
whether and how these strategies can impact negative consequences. The studies’
results indicate that response strategies always comprise a combination of several
response actions. An examination of real response strategies can be used to clarify which
response actions currently are practiced to follow up with a detailed analysis. This
analysis indicated that the studied response actions justification, apology, and
compensation affect market value and customer relationships. Using expectationconfirmation
theory and signaling theory, these response actions’ mechanism
subsequently is uncovered and explained: The mechanism is two-dimensional, and the
response actions elicit direct and side effects. These must be considered equally to
ensure successful implementation of response actions.weiterlesen