Search results

The purpose of this research is to provide companies and consumers with information about the potential connections between data breach types and institutions. This study also aims to add to the body of knowledge about data breaches.

This study analyzes a chronology of five years of data breaches. The data were classified and analyzed by breach and institution type, record size, and state. Multiple statistical tests were performed.

Breach types stolen and exposed are statistically more likely to occur. Educational institutions are more likely to have a breach and it is more probable that educational breaches will be of type hacker or exposed. The proportion of insider incidents is smaller than the other breach types. The number of records breached is independent of institution and breach type.

Only those breaches with a specified number of records are included. The information used may have been updated after our analysis, usually a change in the number of records identified.

Additional knowledge about characteristics of data breaches and the relationship between breach types and institution types will enable both businesses and consumers to be more effective in protecting sensitive information. Businesses will be able to create security budgets based on risk factors and consumers will be more aware of the risks of providing sensitive information.

This study provides a longitudinal analysis covering five years of data breaches and analyzes the relationship between five breach types and six types of institutions.

This paper aims to analyze the effect of data breaches – whose concerns and implications can be legal, social and economic – on companies’ overall performance.

Information on data breaches was collected from online compilations, and financial data on breached companies was collected from the Mergent Online database. The financial variables used were related to profitability, liquidity, solvency and company size to analyze the financial performance of the breached companies before and after the data breach event. Nonfinancial data, such as the type and the size of the breaches, was also collected. The data was analyzed using multiple regression.

The results confirm that nonmandatory information related to announcements of data breaches is a signal of companies’ overall performance, as measured by profitability ratios, return on assets and return on equity. The study does not confirm a relationship between data breaches and stock market reaction when measuring quarterly changes in share prices.

The main limitation of the study relates to ratio and trend analyses. Such analyses are commonly used when researching accounting information. However, they do not directly reflect the companies’ conditions and realities, and they rely on companies’ released financial reports. Another limitation concerns the confounding factors. The major confounding factors around the data breaches’ dates were identified; however, this was not enough to assure that other factors were not affecting the companies’ financial performance. Because of the nature of such events, this study needs to be replicated to include specific information about the companies using case studies. Therefore, the authors recommend replicating the research to validate the article’s findings when each industry makes more announcements available.

To remediate the risks and losses associated with data breaches, companies may use their reserved funds.

Company data breach announcements signal internal deficiencies. Therefore, the affected companies become liable to their employees, customers and investors.

The paper contributes to both theory and practice in the areas of accounting finance, and information management.

This study aims to evaluate changes to the financial performance of organizations in the 1–4 quarters following a data breach event. The study introduces two new variables, “intangible assets” and “extraordinary losses” to the discussion on the impact of data breaches on an organization’s financial performance. Intangible assets allow us to gauge the data breach’s impact on the organization’s brand reputation and intellectual capital reserves. Extraordinary losses allow us to gauge if organizations considered data breaches truly detrimental to their operations that they rose to the level of “extraordinary” and not an event that could be incorporated into its usual operating expenses.

This study uses a matched sample comparison analysis of 47 organizations to understand the short-term and long-term impacts of data breach events on an organization’s financial performance.

Data breach events have some negative impacts on the organization’s profitability more than likely leading to a depletion of the organization’s assets. However, organizations do not perform better or worse in the short-term or long-term due to a data breach event; the organizations can be considered financially sustainable in the 1–4 quarters following a data breach disclosure.

This study takes two approaches to theory development. The first approach extends the current literature on data breach events as negative, value declining events to the organization’s performance, which is referred to as the “traditional view.” The second view posits that a data breach event may be a catalyst for enhanced long-term organization performance; this is referred to as the organizational sustainability and resiliency view.

While every firm is striving to embrace digital transformation (DT) to form new differentiating business capabilities, there are dark sides to such initiatives, and it is essential to acknowledge, identify and address them. The purpose of this paper is to identify and emperically demonstrate the impact of such darksides of DT. While a firm's DT effort may have many dark sides, the authors identify data breaches as the most critical one and focus on proving their impact since it can inflict significant damage to the firm.

Through the lens of paradox theory, the authors argue that the DT efforts of a firm will lead to increased risk and severity of data breaches. The authors developed a one-of-a-kind longitudinal data set by combining data from multiple sources, including 3604 brands over a 10-year period, and employed a DT performance scorecard to evaluate a firm's DT effort across four key digital selling touchpoints: site, mobile, digital marketing and social media.

The findings of this study show that a firm's DT efforts pertaining to its mobile and digital marketing platforms significantly increase the likelihood and severity of a data breach event indicating that these two channels are most vulnerable and need heightened attention from firms. Furthermore, the findings suggest that the negative repercussions of some DT initiatives may be minimized as the firm becomes more innovative. The findings can help firms re-strategize their DT efforts by promoting security and also encouraging a balanced communication strategy.

This research is one of the first to identify, recognize and empirically illustrate the downsides of a DT effort that is otherwise thought to provide only benefits.

This essay aims to draw attention to the idea of a new research approach to knowledge management (KM) labelled responsible KM (rKM) as a possible answer to not only address the consequences of the pandemic but also other present and upcoming societal challenges.

This essay has been prepared by a KM researcher who shares their own personal views and opinion regarding past and current societal developments and based on that offers a potentially new KM direction.

Switching the focus to rKM may help address current and upcoming social challenges that can only be addressed jointly by the global community and which would also involve a new consideration of the “knowledge” resource.

The essay proposes a new alternative approach to KM called rKM that is based on ideas that to the author’s knowledge have not been discussed in this way in the contemporary literature on KM.

The purpose of this paper is to review current practice in sharing and mining medical data revealing benefits, costs and ethical issues. Based on stakeholder perspectives and values, the authors create an ethical code to regulate the sharing and mining of medical information.

The framework is based on a review of academic, practitioner and legal research.

Owing to the inability of current safeguards to protect consumers from risks related to the disclosure of medical information, the authors develop a framework for ethical sharing and mining of medical data, security, transparency, respect, accountability, community and quality (STRACQ), which espouses security, transparency, respect, accountability, community and quality as the basic tenets of ethical data sharing and mining practice.

The STRACQ framework is an original, previously unpublished contribution that will require modification over time based on discussion and debate within and among the academy, medical community and public policymakers.

The framework for sharing borrows from the Fair Credit Reporting Act, allowing the collection and dissemination of identified medical data but placing strict limitations on use. Following this framework, benefits of shared and mined medical data are freely available with appropriate safeguards for consumer privacy.

Mandates for adoption of electronic health-care records require an understanding of medical data mining. This paper presents a review of data mining techniques and reasons for engaging in the practice of identifying benefits, costs and ethical issues. The authors create an original framework, STRACQ, for ethical sharing and mining of medical information, allowing knowledge exploration while protecting consumer privacy.

We assess the impact of NZ IAS 32 on the financial reporting of convertible financial instruments by retrospective application of the standard to a sample of New Zealand companies over the period 1988 ‐ 2003. NZ IAS 32 has a broader definition of liabilities than does the corresponding current standard (FRS‐31) and it does not permit convertibles to be reported under headings that are intermediate to debt and equity. The results of the study indicate that in comparison with the reported financial position and performance, the reporting of convertibles in accordance with NZ IAS 32 would result in higher amounts for liabilities and higher interest. Thus, analysts using financial statement information to assess risk of financial distress will need to revise the critical values of commonly used measures of risk and performance when companies report under NZ IAS

In the Foreword to the first Annual Report of the Commissioner for the Rights of Trade Union Members, Mrs.Gill Rowlands says “As Commissioner I am able to provide material assistance to union members contemplating or taking certain proceedings in connection with … matters specified [in] … the 1988 Act. If assistance is granted, the applicant will know that he/she will not be placed at a disadvantage by a lack of ability to obtain legal advice or pay legal costs in connection with those proceedings.”

In order to succeed in an action under the Equal Pay Act 1970, should the woman and the man be employed by the same employer on like work at the same time or would the woman still be covered by the Act if she were employed on like work in succession to the man? This is the question which had to be solved in Macarthys Ltd v. Smith. Unfortunately it was not. Their Lordships interpreted the relevant section in different ways and since Article 119 of the Treaty of Rome was also subject to different interpretations, the case has been referred to the European Court of Justice.