Digitala Vetenskapliga Arkivet

Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
The value of cybersecurity: Stock market reactions to security breach announcements
KTH, School of Industrial Engineering and Management (ITM).
KTH, School of Industrial Engineering and Management (ITM).
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesisAlternative title
Värdet av datasäkerhet : Marknadsreaktioner på datasäkerhetsincidenter (Swedish)
Abstract [en]

Companies around the world invest an increasing amount of money trying to protect themselves from cybercrime and unauthorized access of valuable data. The nature of these covert threats makes it seemingly impossible to quantify the risk of getting attacked. While it is possible to estimate the tangible costs of a security breach it is much harder to asses what a company stands to lose in terms of intangible costs.

This thesis uses the Event Study methodology to determine the intangible losses of listed American companies who suffered data breaches. On average, the companies in the dataset loses 0.21% of their market cap after a security breach which, although not being statistically significant, translates to $267 million. Despite looking at several parameters to find significant predictors, only one turned out to be statistically significant, namely the number of records breached. These weak correlation is a result in itself; because of the low impact of a breach perhaps the companies lack proper incentives to protect their users' data.

Abstract [sv]

Det ständigt växande cyberhotet gör att allt fler företag väljer att göra stora investeringar i datasäkerhet. Den dolda hotbilden gör det i stort sett omöjligt att kvantifiera sannolikheten för att råka ut för en attack. Även om det går att avgöra och förutspå de direkta kostnaderna kring ett dataintrång så är det nästintill omöjligt att avgöra de indirekta kostnaderna kring ett dataintrång.

Detta arbete använder eventstudie-metodologin för att uppskatta de indirekta kostnaderna hos börsnoterade amerikanska företag efter att de haft ett dataintrång. Företagen i den undersökta datamängden förlorar i genomsnitt 0.21% av sitt marknadsvärde vilket, även om det saknar statistisk signifikans, motsvarar $267 miljoner. Arbetet undersöker ett antal parametrar för att hitta signifikanta prediktorer men endast en av de prediktorer vi undersökte var statistiskt signifikant, nämligen antalet läckta uppgifter. Dessa svaga samband är i sig intressanta; den till synes svaga inverkan av dataintrång på företagens börsvärde antyder att de kanske inte har så stora finansiella incitament att skydda sina kunders data.

Place, publisher, year, edition, pages
2019. , p. 67
Series
TRITA-ITM-EX ; 2019:347
Keywords [en]
Cybersecurity, Information security, InfoSec, Event study, cyberinsurance, data breach
Keywords [sv]
Datasäkerhet, informationssäkerhet, infosec, Eventstudie, cyberförsäkring, dataintrång
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:kth:diva-264124OAI: oai:DiVA.org:kth-264124DiVA, id: diva2:1372179
External cooperation
Edgeguide AB
Supervisors
Examiners
Available from: 2019-11-22 Created: 2019-11-22 Last updated: 2022-06-26Bibliographically approved

Open Access in DiVA

fulltext(824 kB)375 downloads
File information
File name FULLTEXT01.pdfFile size 824 kBChecksum SHA-512
c185c21919fa745d28d01fa306360146c65550452ab601cd7201cd78cac60ffd8ac60cf9c4bb0e2f4b8fbc03f382f5383e828097d99e4d4ec3d7498f230d31c0
Type fulltextMimetype application/pdf

By organisation
School of Industrial Engineering and Management (ITM)
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 375 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 706 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf