公司資料外洩對資安風險揭露可讀性之影響

羅傑予; Jie-Yu Lo

請用此 Handle URI 來引用此文件： http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88717

完整後設資料紀錄

DC 欄位	值	語言
dc.contributor.advisor	高偉娟	zh_TW
dc.contributor.advisor	Wei-Chuan Kao	en
dc.contributor.author	羅傑予	zh_TW
dc.contributor.author	Jie-Yu Lo	en
dc.date.accessioned	2023-08-15T17:29:39Z	-
dc.date.available	2023-11-09	-
dc.date.copyright	2023-08-15	-
dc.date.issued	2023	-
dc.date.submitted	2023-07-26	-
dc.identifier.citation	Acquisti, A., Friedman, A., & Telang, R. (2006). Is there a cost to privacy breaches? An event study. International Conference on Information Systems 2006 proceedings, 94. Akey, P., Lewellen, S., Liskovich, I., & Schiller, C. (2021). Hacking corporate reputations. Rotman School of Management Working Paper. 1-59. Amir, E., Levi, S., & Livne, T. (2018). Do firms underreport information on cyber-attacks? Evidence from capital markets. Review of Accounting Studies, 23, 1177-1206. Ashraf, M. (2021). Potentially unintended consequences of the SEC restricting managerial discretion: Evidence from peer data breaches and cyber risk factors. Available at SSRN 3807487, 1-44. Ashraf, M. (2022). The role of peer events in corporate governance: Evidence from data breaches. The Accounting Review, 97(2), 1-24. Bao, D., Kim, Y., Mian, G. M., & Su, L. (2019). Do managers disclose or withhold bad news? Evidence from short interest. The Accounting Review, 94(3), 1-26. Barber, B. M., & Lyon, J. D. (1997). Detecting long-run abnormal stock returns: The empirical power and specification of test statistics. Journal of financial economics, 43(3), 341-372. Bendovschi, A. (2015). Cyber-attacks–trends, patterns and security countermeasures. Procedia Economics and Finance, 28, 24-31. Berkman, H., Jona, J., Lee, G., & Soderstrom, N. (2018). Cybersecurity awareness and market valuations. Journal of Accounting and Public Policy, 37(6), 508-526. Bonsall, S. B., & Miller, B. P. (2017). The impact of narrative disclosure readability on bond ratings and the cost of debt. Review of Accounting Studies, 22, 608-643. Calderon, T. G., & Gao, L. (2021). Cybersecurity risks disclosure and implied audit risks: Evidence from audit fees. International Journal of Auditing, 25(1), 24-39. Campbell, J. L., Chen, H., Dhaliwal, D. S., Lu, H. M., & Steele, L. B. (2014). The information content of mandatory risk factor disclosures in corporate filings. Review of Accounting Studies, 19, 396-455. Cashell, B., Jackson, W. D., Jickling, M., & Webel, B. (2004). The economic impact of cyber-attacks. Congressional research service documents, CRS RL32331, 1-41. Chen, J., Henry, E., & Jiang, X. (2022). Is cybersecurity risk factor disclosure informative? Evidence from disclosures following a data breach. Journal of Business Ethics, 1-26. Ettredge, M. L., & Richardson, V. J. (2003). Information transfer among internet firms: the case of hacker attacks. Journal of Information Systems, 17(2), 71-82. Fama, E. F., & French, K. R. (1997). Industry costs of equity. Journal of financial economics, 43(2), 153-193. Gao, L., Calderon, T. G., & Tang, F. (2020). Public companies' cybersecurity risk disclosures. International Journal of Accounting Information Systems, 38, 100468, 1-22. Gordon, L. A., & Loeb, M. P. (2002). The economics of information security investment. ACM Transactions on Information and System Security (TISSEC), 5(4), 438-457. Gordon, L. A., Loeb, M. P., Lucyshyn, W., & Zhou, L. (2015). The impact of information sharing on cybersecurity underinvestment: A real options perspective. Journal of Accounting and Public Policy, 34(5), 509-519. Gordon, L. A., Loeb, M. P., & Sohail, T. (2010). Market value of voluntary disclosures concerning information security. MIS quarterly, 567-594. Haapamäki, E., & Sihvonen, J. (2019). Cybersecurity in accounting research. Managerial Auditing Journal, 34(7), 808-834. Hilary, G., Segal, B., & Zhang, M. H. (2016). Cyber-risk disclosure: who cares? Georgetown McDonough School of Business Research Paper, 1-59. Hinz, O., Nofer, M., Schiereck, D., & Trillig, J. (2015). The influence of data theft on the share prices and systematic risk of consumer electronics companies. Information & Management, 52(3), 337-347. Huang, H. H., & Wang, C. (2021). Do banks price firms' data breaches? The Accounting Review, 96(3), 261-286. Kamiya, S., Kang, J. K., Kim, J., Milidonis, A., & Stulz, R. M. (2021). Risk management, firm reputation, and the impact of successful cyberattacks on target firms. Journal of Financial Economics, 139(3), 719-749. Kashmiri, S., Nicol, C. D., & Hsu, L. (2017). Birds of a feather: Intra-industry spillover of the Target customer data breach and the shielding role of IT, marketing, and CSR. Journal of the Academy of Marketing Science, 45, 208-228. Kelton, A. S. (2021). How to reduce the cybersecurity breach contagion effect. Current Issues in Auditing, 15(2), 1-9. Kelton, A. S., & Pennington, R. R. (2020). Do voluntary disclosures mitigate the cybersecurity breach contagion effect? Journal of Information Systems, 34(3), 133-157. Kim, I., & Skinner, D. J. (2012). Measuring securities litigation risk. Journal of Accounting and Economics, 53(1-2), 290-310. Lehavy, R., Li, F., & Merkley, K. (2011). The effect of annual report readability on analyst following and the properties of their earnings forecasts. The Accounting Review, 86(3), 1087-1115. Li, F. (2008). Annual report readability, current earnings, and earnings persistence. Journal of Accounting and economics, 45(2-3), 221-247. Li, H., No, W. G., & Wang, T. (2018). SEC's cybersecurity disclosure guidance and disclosed cybersecurity risk factors. International Journal of Accounting Information Systems, 30, 40-55. Ljungqvist, A., Zhang, L., & Zuo, L. (2017). Sharing risk with the government: How taxes affect corporate risk taking. Journal of Accounting Research, 55(3), 669-707. Loughran, T., & McDonald, B. (2014). Measuring readability in financial disclosures. The Journal of Finance, 69(4), 1643-1671. Lundholm, R. J., Rogo, R., & Zhang, J. L. (2014). Restoring the tower of Babel: How foreign firms communicate with US investors. The accounting review, 89(4), 1453-1485. Malhotra, A., & Kubowicz Malhotra, C. (2011). Evaluating customer information breaches as service failures: An event study approach. Journal of Service Research, 14(1), 44-59. Martin, K. D., Borah, A., & Palmatier, R. W. (2017). Data privacy: Effects on customer and firm performance. Journal of Marketing, 81(1), 36-58 Nazari, J. A., Hrazdil, K., & Mahmoudian, F. (2017). Assessing social and environmental performance through narrative complexity in CSR reports. Journal of Contemporary Accounting & Economics, 13(2), 166-178. Nelson, K. K., & Pritchard, A. C. (2016). Carrot or stick? The shift from voluntary to mandatory disclosure of risk factors. Journal of Empirical Legal Studies, 13(2), 266-297. Securities and Exchange Commission (SEC). (2005). Securities and exchange commission final rule, Release No. 33-8591: 1-468. Retrieved from https://www.sec.gov/rules/final/33-8591.pdf Securities and Exchange Commission (SEC). (2011). CF disclosure guidance: Topic no. 2, cybersecurity, provided by the division of corporation finance. Retrieved from https://www.sec.gov/divis ions/corpfin/guidance/cfguidance-topic2.htm Securities and Exchange Commission (SEC). (2018). Commission statement and guidance on public company cybersecurity disclosures, Release No. 33-10459. https://www.sec.gov/rules/interp/ 2018/33-10459.pdf Tom, J. M. (2010). A simple compromise: The need for a federal data breach notification law. John's Law Review, 84(4), 1569-1603. Uma, M., & Padmavathi, G. (2013). A survey on various cyber attacks and their classification. International Journal of Network Security, 15(5), 390-396.	-
dc.identifier.uri	http://tdr.lib.ntu.edu.tw/jspui/handle/123456789/88717	-
dc.description.abstract	本研究旨在探討企業於資料外洩事件後，是否使用更容易閱讀及理解的方式，揭露有關資訊安全方面之風險。本研究採用2006年至2021年Compustat美國公司資料，以及2007年至2019年資料外洩事件，將傾向性評分匹配成功之樣本，利用差異中之差異估計法進行迴歸分析。實證結果顯示，在其他會影響企業有關資安風險揭露可讀性之條件皆不變的情況下，相較於未經歷資料外洩之公司，外洩公司將於資料外洩事件後，顯著改善關於網路安全風險揭露內容的易讀程度；且於平行假設及穩健性測試下，所得結果亦支持主要實證結論；除此之外，本研究亦執行額外測試，進一步分析造成資安風險揭露可讀性上升的具體原因，藉以加強本研究主要實證結果之可靠性。	zh_TW
dc.description.abstract	The study investigates whether breached firms offer more readable content on cybersecurity risk disclosure following the breach incident. Using a sample between 2006 to 2021, the study matches the sample by propensity score matching. A difference-in-differences analysis based on matched firms indicates that firms suffering cybersecurity breaches more significantly improve the readability of cybersecurity risk disclosure. Furthermore, we also perform additional analyses to examine the factors through which data breaches affect the readability of cybersecurity risk disclosure. Overall, this study shows that the breached company will change their disclosure behavior after a data breach event.	en
dc.description.provenance	Submitted by admin ntu (admin@lib.ntu.edu.tw) on 2023-08-15T17:29:39Z No. of bitstreams: 0	en
dc.description.provenance	Made available in DSpace on 2023-08-15T17:29:39Z (GMT). No. of bitstreams: 0	en
dc.description.tableofcontents	中文摘要 I Abstract II 第一章緒論 1 第二章文獻回顧與假說建立 4 第一節企業揭露可讀性之相關文獻回顧 4 第二節資料外洩事件之相關文獻回顧 5 第三節資安風險揭露之相關文獻回顧 6 第四節研究假說之建立 9 第三章研究方法 11 第一節資料來源與樣本選取 11 第二節實證模型與變數定義 15 第四章實證結果 21 第一節平均數差異分析 21 第二節敘述性統計 22 第三節相關係數分析 24 第四節實證結果 26 第五節穩健性測試 30 第六節額外測試 34 第五章結論與建議 41 第一節研究結論 41 第二節研究貢獻 42 第三節研究限制與建議 43 參考文獻 44 附錄 49	-
dc.language.iso	zh_TW	-
dc.subject	資安風險揭露	zh_TW
dc.subject	資料外洩	zh_TW
dc.subject	資安風險	zh_TW
dc.subject	可讀性	zh_TW
dc.subject	Cybersecurity risk disclosures	en
dc.subject	Readability	en
dc.subject	Data breach	en
dc.subject	Cybersecurity	en
dc.title	公司資料外洩對資安風險揭露可讀性之影響	zh_TW
dc.title	The Effect of Data Breach on the Readability of Cybersecurity Risk Disclosure	en
dc.type	Thesis	-
dc.date.schoolyear	111-2	-
dc.description.degree	碩士	-
dc.contributor.oralexamcommittee	廖芝嫻;顏如君	zh_TW
dc.contributor.oralexamcommittee	Chih-Hsien Liao;Ju-Chun Yen	en
dc.subject.keyword	資安風險,資安風險揭露,資料外洩,可讀性,	zh_TW
dc.subject.keyword	Cybersecurity,Cybersecurity risk disclosures,Data breach,Readability,	en
dc.relation.page	55	-
dc.identifier.doi	10.6342/NTU202302111	-
dc.rights.note	未授權	-
dc.date.accepted	2023-07-26	-
dc.contributor.author-college	管理學院	-
dc.contributor.author-dept	會計學系	-
顯示於系所單位：	會計學系

文件中的檔案：

檔案	大小	格式
ntu-111-2.pdf 未授權公開取用	1.21 MB	Adobe PDF

顯示文件簡單紀錄

系統中的文件，除了特別指名其著作權條款之外，均受到著作權保護，並且保留所有的權利。