Anotace:
A breach in information security (infosec) can materially impact a firm’s long-term competitiveness. For publicly listed firms, an infosec breach can have a long-lasting effect on their competitive stock performance, including their equity risk. Despite its significance, past research has focused primarily on examining the short-term effect of infosec breaches while ignoring its long-term effect on the firm’s equity risk. Therefore, in this research, we examined the long-run effect of 276 infosec breaches at publicly traded firms on equity risk from 2009 to 2018. We analyzed each firm’s equity risk compared to its competitive control firms of similar sizes and performances for three years, from one year before to two years after the breach, using a one-to-one matching methodology. The univariate analysis of infosec breaches on equity risk indicated that breach firms have a 7% higher equity risk than competitive control firms. Additionally, the quantile regression analysis of the effect of infosec breach factors on long-run equity risk showed that the rise in equity risk is higher if the breach involves the compromise of confidential information and is a repeat breach for the same firm. The findings provide a valuable resource for investors, managers, and researchers interested in understanding the long-term relationship between infosec breaches and a firm’s stock competitiveness.